Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.eclipse.jetty/jetty-server@6.0.0
purl pkg:maven/org.eclipse.jetty/jetty-server@6.0.0
Next non-vulnerable version 6.0.2
Latest non-vulnerable version 12.1.6
Risk 3.1
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-y254-5dqg-c7bz
Aliases:
CVE-2006-6969
GHSA-jg2x-r643-w2ch
Jetty Uses Predictable Session Identifiers Jetty before 4.2.27, 5.1 before 5.1.12, 6.0 before 6.0.2, and 6.1 before 6.1.0pre3 generates predictable session identifiers using java.util.random, which makes it easier for remote attackers to guess a session identifier through brute force attacks, bypass authentication requirements, and possibly conduct cross-site request forgery attacks.
6.0.2
Affected by 0 other vulnerabilities.
6.1.0pre3
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-05-31T00:56:04.980838+00:00 GHSA Importer Affected by VCID-y254-5dqg-c7bz https://github.com/advisories/GHSA-jg2x-r643-w2ch 38.6.0
2026-05-30T20:57:50.194977+00:00 GitLab Importer Affected by VCID-y254-5dqg-c7bz https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.eclipse.jetty/jetty-server/CVE-2006-6969.yml 38.6.0