GHSA-qmgj-5h75-jr67
Suggest an improvement- Source
- https://github.com/advisories/GHSA-qmgj-5h75-jr67
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-qmgj-5h75-jr67/GHSA-qmgj-5h75-jr67.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-qmgj-5h75-jr67
- Aliases
-
- CVE-2006-2758
- Published
- 2022-05-01T07:02:10Z
- Modified
- 2024-11-28T05:30:12.510709Z
- Summary
- Jetty Directory Traversal Vulnerability
- Details
-
Directory traversal vulnerability in jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary files via a
%2e%2e%5c(encoded../) in the URL. NOTE: this might be the same issue as CVE-2005-3747. - Database specific
{ "nvd_published_at": "2006-06-02T01:02:00Z", "cwe_ids": [ "CWE-22" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2024-02-12T16:10:17Z" }- References
Affected packages
Maven / org.mortbay.jetty:jetty
Package
- Name
- org.mortbay.jetty:jetty
- View open source insights on deps.dev
- Purl
- pkg:maven/org.mortbay.jetty/jetty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedLast affected6.0.beta16
Affected versions
test-6.*
test-6.0.0rc3
test-6.0.0rc4
test-6.0.0
test-6.0.1
4.*
4.1-rc1
4.1-rc6
4.2.2
4.2.3
4.2.9
4.2.10
4.2.12
6.*
6.0.0Beta1
6.0.0beta1
6.0.0beta2
6.0.0beta3
6.0.0beta4
6.0.0beta5
6.0.0beta6
6.0.0beta7
6.0.0beta8
6.0.0beta9
6.0.0beta10
6.0.0beta11
6.0.0beta12
6.0.0beta14
6.0.0beta15
6.0.0beta16
6.0.0beta17
6.0.0rc0
6.0.0rc1
6.0.0rc2
6.0.0rc3
6.0.0rc4