Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/11730?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11730?format=api", "vulnerability_id": "VCID-1ejr-3tea-kydr", "summary": "Eclipse Jetty's PushSessionCacheFilter can cause remote DoS attacks\n### Impact\n Jetty PushSessionCacheFilter can be exploited by unauthenticated users to launch remote DoS attacks by exhausting the server’s memory.\n\n### Patches\n* https://github.com/jetty/jetty.project/pull/9715\n* https://github.com/jetty/jetty.project/pull/9716\n\n### Workarounds\nThe session usage is intrinsic to the design of the PushCacheFilter. The issue can be avoided by:\n + not using the PushCacheFilter. Push has been deprecated by the various IETF specs and early hints responses should be used instead.\n + reducing the reducing the idle timeout on unauthenticated sessions will reduce the time such session stay in memory.\n + configuring a session cache to use [session passivation](https://jetty.org/docs/jetty/12/programming-guide/server/session.html), so that sessions are not stored in memory, but rather in a database or file system that may have significantly more capacity than memory.\n\n### References\n* https://github.com/jetty/jetty.project/pull/10756\n* https://github.com/jetty/jetty.project/pull/10755", "aliases": [ { "alias": "CVE-2024-6762" }, { "alias": "GHSA-r7m4-f9h5-gr79" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/925875?format=api", "purl": "pkg:deb/debian/jetty9@9.4.50-4%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jetty9@9.4.50-4%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/925901?format=api", "purl": "pkg:deb/debian/jetty9@9.4.54-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jetty9@9.4.54-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/925898?format=api", "purl": "pkg:deb/debian/jetty9@9.4.57-0%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jetty9@9.4.57-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/925897?format=api", "purl": "pkg:deb/debian/jetty9@9.4.57-0%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jetty9@9.4.57-0%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/925873?format=api", "purl": "pkg:deb/debian/jetty9@9.4.57-1.1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jetty9@9.4.57-1.1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049402?format=api", "purl": "pkg:deb/debian/jetty9@9.4.57-1.1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jetty9@9.4.57-1.1~deb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/925877?format=api", "purl": "pkg:deb/debian/jetty9@9.4.57-1.1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jetty9@9.4.57-1.1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/925876?format=api", "purl": "pkg:deb/debian/jetty9@9.4.58-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jetty9@9.4.58-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/42045?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.18", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/42046?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.18", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.18" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036988?format=api", "purl": "pkg:deb/debian/jetty9@9.2.21-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12gq-ezut-ckhz" }, { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-3f6t-fkt7-wub9" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-5qhm-ase5-5qhy" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-ahev-zdjd-gqg1" }, { "vulnerability": "VCID-czhb-gqt2-17av" }, { "vulnerability": "VCID-dvyn-8phs-a3a6" }, { "vulnerability": "VCID-dznb-x27e-kqan" }, { "vulnerability": "VCID-g3ff-brt6-vkeh" }, { "vulnerability": "VCID-gdcf-9axf-1yaq" }, { "vulnerability": "VCID-gq93-ctd4-aqbp" }, { "vulnerability": "VCID-kvqz-fppe-d7fe" }, { "vulnerability": "VCID-kx4x-gnk4-yugu" }, { "vulnerability": "VCID-kxtv-ma18-8fer" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-nubz-xqaw-tkfr" }, { "vulnerability": "VCID-nyxu-ekhs-gyb5" }, { "vulnerability": "VCID-p7cu-h519-83hx" }, { "vulnerability": "VCID-prd3-mmuv-n3dc" }, { "vulnerability": "VCID-q35p-8qhp-aqec" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-sw3q-jzqx-dkbn" }, { "vulnerability": "VCID-thpu-76e5-j3d3" }, { "vulnerability": "VCID-tqm9-4ch7-s7b3" }, { "vulnerability": "VCID-u2b5-uyd6-fbh9" }, { "vulnerability": "VCID-uuju-ey95-tyfq" }, { "vulnerability": "VCID-y3mv-vmwd-tydt" }, { "vulnerability": "VCID-ypc7-f1nd-t7gn" }, { "vulnerability": "VCID-zdt8-jrn2-m3ff" }, { "vulnerability": "VCID-znv6-77jf-v3gu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jetty9@9.2.21-1~bpo8%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036989?format=api", "purl": "pkg:deb/debian/jetty9@9.2.21-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12gq-ezut-ckhz" }, { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-3f6t-fkt7-wub9" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-5qhm-ase5-5qhy" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-ahev-zdjd-gqg1" }, { "vulnerability": "VCID-czhb-gqt2-17av" }, { "vulnerability": "VCID-dvyn-8phs-a3a6" }, { "vulnerability": "VCID-dznb-x27e-kqan" }, { "vulnerability": "VCID-g3ff-brt6-vkeh" }, { "vulnerability": "VCID-gdcf-9axf-1yaq" }, { "vulnerability": "VCID-gq93-ctd4-aqbp" }, { "vulnerability": "VCID-kvqz-fppe-d7fe" }, { "vulnerability": "VCID-kx4x-gnk4-yugu" }, { "vulnerability": "VCID-kxtv-ma18-8fer" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-nubz-xqaw-tkfr" }, { "vulnerability": "VCID-nyxu-ekhs-gyb5" }, { "vulnerability": "VCID-p7cu-h519-83hx" }, { "vulnerability": "VCID-prd3-mmuv-n3dc" }, { "vulnerability": "VCID-q35p-8qhp-aqec" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-sw3q-jzqx-dkbn" }, { "vulnerability": "VCID-thpu-76e5-j3d3" }, { "vulnerability": "VCID-tqm9-4ch7-s7b3" }, { "vulnerability": "VCID-u2b5-uyd6-fbh9" }, { "vulnerability": "VCID-uuju-ey95-tyfq" }, { "vulnerability": "VCID-y3mv-vmwd-tydt" }, { "vulnerability": "VCID-ypc7-f1nd-t7gn" }, { "vulnerability": "VCID-zdt8-jrn2-m3ff" }, { "vulnerability": "VCID-znv6-77jf-v3gu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jetty9@9.2.21-1%252Bdeb9u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037903?format=api", "purl": "pkg:deb/debian/jetty9@9.2.23-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12gq-ezut-ckhz" }, { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-3f6t-fkt7-wub9" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-5qhm-ase5-5qhy" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-ahev-zdjd-gqg1" }, { "vulnerability": "VCID-czhb-gqt2-17av" }, { "vulnerability": "VCID-dvyn-8phs-a3a6" }, { "vulnerability": "VCID-g3ff-brt6-vkeh" }, { "vulnerability": "VCID-gdcf-9axf-1yaq" }, { "vulnerability": "VCID-gq93-ctd4-aqbp" }, { "vulnerability": "VCID-kvqz-fppe-d7fe" }, { "vulnerability": "VCID-kx4x-gnk4-yugu" }, { "vulnerability": "VCID-kxtv-ma18-8fer" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-nubz-xqaw-tkfr" }, { "vulnerability": "VCID-nyxu-ekhs-gyb5" }, { "vulnerability": "VCID-p7cu-h519-83hx" }, { "vulnerability": "VCID-prd3-mmuv-n3dc" }, { "vulnerability": "VCID-q35p-8qhp-aqec" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-sw3q-jzqx-dkbn" }, { "vulnerability": "VCID-thpu-76e5-j3d3" }, { "vulnerability": "VCID-tqm9-4ch7-s7b3" }, { "vulnerability": "VCID-u2b5-uyd6-fbh9" }, { "vulnerability": "VCID-uuju-ey95-tyfq" }, { "vulnerability": "VCID-y3mv-vmwd-tydt" }, { "vulnerability": "VCID-ypc7-f1nd-t7gn" }, { "vulnerability": "VCID-zdt8-jrn2-m3ff" }, { "vulnerability": "VCID-znv6-77jf-v3gu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jetty9@9.2.23-1~bpo8%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037904?format=api", "purl": "pkg:deb/debian/jetty9@9.4.16-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-3f6t-fkt7-wub9" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-5qhm-ase5-5qhy" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-ahev-zdjd-gqg1" }, { "vulnerability": "VCID-czhb-gqt2-17av" }, { "vulnerability": "VCID-dvyn-8phs-a3a6" }, { "vulnerability": "VCID-g3ff-brt6-vkeh" }, { "vulnerability": "VCID-gdcf-9axf-1yaq" }, { "vulnerability": "VCID-gq93-ctd4-aqbp" }, { "vulnerability": "VCID-kx4x-gnk4-yugu" }, { "vulnerability": "VCID-kxtv-ma18-8fer" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-nubz-xqaw-tkfr" }, { "vulnerability": "VCID-nyxu-ekhs-gyb5" }, { "vulnerability": "VCID-p7cu-h519-83hx" }, { "vulnerability": "VCID-prd3-mmuv-n3dc" }, { "vulnerability": "VCID-q35p-8qhp-aqec" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-sw3q-jzqx-dkbn" }, { "vulnerability": "VCID-thpu-76e5-j3d3" }, { "vulnerability": "VCID-tqm9-4ch7-s7b3" }, { "vulnerability": "VCID-uuju-ey95-tyfq" }, { "vulnerability": "VCID-y3mv-vmwd-tydt" }, { "vulnerability": "VCID-ypc7-f1nd-t7gn" }, { "vulnerability": "VCID-zdt8-jrn2-m3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jetty9@9.4.16-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049401?format=api", "purl": "pkg:deb/debian/jetty9@9.4.50-4%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-gdcf-9axf-1yaq" }, { "vulnerability": "VCID-gq93-ctd4-aqbp" }, { "vulnerability": "VCID-kx4x-gnk4-yugu" }, { "vulnerability": "VCID-memq-11qz-9qem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jetty9@9.4.50-4%252Bdeb11u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/57107?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-g3ff-brt6-vkeh" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/251854?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-g3ff-brt6-vkeh" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/251855?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-g3ff-brt6-vkeh" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/76563?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/367117?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/367118?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/367119?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/367120?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/367121?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/367122?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/367123?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/367124?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/367125?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/367126?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/57111?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/581547?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/59967?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-memq-11qz-9qem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/146385?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-memq-11qz-9qem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@10.0.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/57108?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-g3ff-brt6-vkeh" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/251856?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-g3ff-brt6-vkeh" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/251857?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-g3ff-brt6-vkeh" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/76564?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/367127?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/367128?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/367129?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/367130?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/367131?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/367132?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/367133?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/367134?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/367135?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/367136?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/57113?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/581550?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-memq-11qz-9qem" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" }, { "vulnerability": "VCID-rpc4-u4aq-4qde" }, { "vulnerability": "VCID-thpu-76e5-j3d3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/59968?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-memq-11qz-9qem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/146386?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-memq-11qz-9qem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@11.0.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/57109?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@12.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" }, { "vulnerability": "VCID-9xw3-4a4u-hbbb" }, { "vulnerability": "VCID-q3k2-1x5q-buhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@12.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/146387?format=api", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@12.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ejr-3tea-kydr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-servlets@12.0.3" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6762.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6762.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6762", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68409", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68371", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68404", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68416", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68389", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68372", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68321", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68345", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68325", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6762" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/jetty/jetty.project", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jetty/jetty.project" }, { "reference_url": "https://github.com/jetty/jetty.project/pull/10755", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:42:42Z/" } ], "url": "https://github.com/jetty/jetty.project/pull/10755" }, { "reference_url": "https://github.com/jetty/jetty.project/pull/10756", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:42:42Z/" } ], "url": "https://github.com/jetty/jetty.project/pull/10756" }, { "reference_url": "https://github.com/jetty/jetty.project/pull/9715", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:42:42Z/" } ], "url": "https://github.com/jetty/jetty.project/pull/9715" }, { "reference_url": "https://github.com/jetty/jetty.project/pull/9716", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:42:42Z/" } ], "url": "https://github.com/jetty/jetty.project/pull/9716" }, { "reference_url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-r7m4-f9h5-gr79", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:42:42Z/" } ], "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-r7m4-f9h5-gr79" }, { "reference_url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/24", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:42:42Z/" } ], "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/24" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00001.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6762", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6762" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085697", "reference_id": "1085697", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085697" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318562", "reference_id": "2318562", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318562" }, { "reference_url": "https://github.com/advisories/GHSA-r7m4-f9h5-gr79", "reference_id": "GHSA-r7m4-f9h5-gr79", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r7m4-f9h5-gr79" } ], "weaknesses": [ { "cwe_id": 400, "name": "Uncontrolled Resource Consumption", "description": "The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources." }, { "cwe_id": 770, "name": "Allocation of Resources Without Limits or Throttling", "description": "The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [], "severity_range_score": "0.1 - 5.3", "exploitability": "0.5", "weighted_severity": "2.8", "risk_score": 1.4, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1ejr-3tea-kydr" }