GHSA-fvh3-4v5r-cvvc
Suggest an improvement- Source
- https://github.com/advisories/GHSA-fvh3-4v5r-cvvc
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-fvh3-4v5r-cvvc/GHSA-fvh3-4v5r-cvvc.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-fvh3-4v5r-cvvc
- Aliases
-
- CVE-2007-5614
- Published
- 2022-05-01T18:35:01Z
- Modified
- 2023-11-08T03:56:48.986632Z
- Severity
-
- 7.3 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L CVSS Calculator
- Summary
- Improper Authentication in Mortbay Jetty
- Details
-
Mortbay Jetty before 6.1.6rc1 does not properly handle "certain quote sequences" in HTML cookie parameters, which allows remote attackers to hijack browser sessions via unspecified vectors.
- Database specific
{ "cwe_ids": [ "CWE-287" ], "github_reviewed": true, "github_reviewed_at": "2022-06-08T22:32:50Z", "nvd_published_at": "2007-12-05T11:46:00Z", "severity": "HIGH" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2007-5614
- https://github.com/eclipse/jetty.project
- https://www.eclipse.org/jetty/about.php
- https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00227.html
- https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00250.html
- http://www.kb.cert.org/vuls/id/438616
Affected packages
Maven / org.mortbay.jetty:jetty
Package
- Name
- org.mortbay.jetty:jetty
- View open source insights on deps.dev
- Purl
- pkg:maven/org.mortbay.jetty/jetty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.1.6
Affected versions
4.*
4.1-rc1
4.1-rc6
4.2.2
4.2.3
4.2.9
4.2.10
4.2.12
6.*
6.0.0Beta1
6.0.0beta1
6.0.0beta2
6.0.0beta3
6.0.0beta4
6.0.0beta5
6.0.0beta6
6.0.0beta7
6.0.0beta8
6.0.0beta9
6.0.0beta10
6.0.0beta11
6.0.0beta12
6.0.0beta14
6.0.0beta15
6.0.0beta16
6.0.0beta17
6.0.0rc0
6.0.0rc1
6.0.0rc2
6.0.0rc3
6.0.0rc4
6.0.0
6.0.1
6.0.2
6.1.0rc0
6.1.0rc1
6.1.0rc2
6.1.0rc3
6.1.0
6.1H.4-beta
6.1H.4rc1
6.1H.5-beta
6.1H.6
6.1H.7
6.1H.8
6.1H.10
6.1H.14
6.1H.14.1
6.1H.22
6.1.0pre0
6.1.0pre1
6.1.0pre2
6.1.0pre3
6.1.1rc0
6.1.1rc1
6.1.1
6.1.2rc0
6.1.2rc1
6.1.2rc2
6.1.2rc4
6.1.2rc5
6.1.2
6.1.2pre0
6.1.2pre1
6.1.3
6.1.4rc0
6.1.4rc1
6.1.4
6.1.5rc0
6.1.5
6.1.6rc0
6.1.6rc1