{"url":"http://public2.vulnerablecode.io/api/packages/29144?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.2.26","type":"maven","namespace":"org.eclipse.jetty","name":"jetty-server","version":"9.2.26","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"9.4.57.v20241219","latest_non_vulnerable_version":"12.1.6","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10587?format=json","vulnerability_id":"VCID-ahev-zdjd-gqg1","summary":"Cross-site Scripting\nJetty server is vulnerable to XSS conditions if a remote client USES a specially formatted URL against the `DefaultServlet` or `ResourceHandler` that is configured for showing a Listing of directory contents.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10241.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10241.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10241","reference_id":"","reference_type":"","scores":[{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92892","published_at":"2026-04-01T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.93009","published_at":"2026-05-15T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.93003","published_at":"2026-05-14T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.9298","published_at":"2026-05-12T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.929","published_at":"2026-04-02T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92973","published_at":"2026-05-11T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92969","published_at":"2026-05-09T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92958","published_at":"2026-05-07T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92945","published_at":"2026-05-05T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92942","published_at":"2026-04-26T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92941","published_at":"2026-04-24T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.9293","published_at":"2026-04-16T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92932","published_at":"2026-04-18T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.9292","published_at":"2026-04-13T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92904","published_at":"2026-04-04T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92903","published_at":"2026-04-07T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92911","published_at":"2026-04-08T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92916","published_at":"2026-04-09T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92921","published_at":"2026-04-11T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92919","published_at":"2026-04-12T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92938","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10241"},{"reference_url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=546121","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=546121"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10247","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10247"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27216","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27216"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28165","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28165"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34428","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34428"},{"reference_url":"https://lists.apache.org/thread.html/01e004c3f7c7365863a27e7038b7f32dae56ccf3a496b277c9b7f7b6@%3Cjira.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/01e004c3f7c7365863a27e7038b7f32dae56ccf3a496b277c9b7f7b6@%3Cjira.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/464892b514c029dfc0c8656a93e1c0de983c473df70fdadbd224e09f@%3Cjira.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/464892b514c029dfc0c8656a93e1c0de983c473df70fdadbd224e09f@%3Cjira.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8bff534863c7aaf09bb17c3d0532777258dd3a5c7ddda34198cc2742@%3Cdev.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/8bff534863c7aaf09bb17c3d0532777258dd3a5c7ddda34198cc2742@%3Cdev.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ac51944aef91dd5006b8510b0bef337adaccfe962fb90e7af9c22db4@%3Cissues.activemq.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ac51944aef91dd5006b8510b0bef337adaccfe962fb90e7af9c22db4@%3Cissues.activemq.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/bcfb37bfba7b3d7e9c7808b5e5a38a98d6bb714d52cf5162bdd48e32@%3Cjira.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/bcfb37bfba7b3d7e9c7808b5e5a38a98d6bb714d52cf5162bdd48e32@%3Cjira.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/d7c4a664a34853f57c2163ab562f39802df5cf809523ea40c97289c1@%3Cdev.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/d7c4a664a34853f57c2163ab562f39802df5cf809523ea40c97289c1@%3Cdev.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190509-0003","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20190509-0003"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190509-0003/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190509-0003/"},{"reference_url":"https://www.debian.org/security/2021/dsa-4949","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2021/dsa-4949"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1705924","reference_id":"1705924","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1705924"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928444","reference_id":"928444","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928444"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10241","reference_id":"CVE-2019-10241","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10241"},{"reference_url":"https://github.com/advisories/GHSA-7vx9-xjhr-rw6h","reference_id":"GHSA-7vx9-xjhr-rw6h","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7vx9-xjhr-rw6h"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0922","reference_id":"RHSA-2020:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0983","reference_id":"RHSA-2020:0983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1445","reference_id":"RHSA-2020:1445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1445"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/29146?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.2.26.v20180806","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-ahev-zdjd-gqg1"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-u2b5-uyd6-fbh9"},{"vulnerability":"VCID-y3mv-vmwd-tydt"},{"vulnerability":"VCID-znv6-77jf-v3gu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.2.26.v20180806"},{"url":"http://public2.vulnerablecode.io/api/packages/29189?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.2.27.v20190403","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6uhn-tn81-cyac"},{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-y3mv-vmwd-tydt"},{"vulnerability":"VCID-znv6-77jf-v3gu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.2.27.v20190403"},{"url":"http://public2.vulnerablecode.io/api/packages/35714?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.3.25.v20180904","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-ahev-zdjd-gqg1"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-y3mv-vmwd-tydt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.25.v20180904"},{"url":"http://public2.vulnerablecode.io/api/packages/36206?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.3.26.v20190403","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6uhn-tn81-cyac"},{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-y3mv-vmwd-tydt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.26.v20190403"},{"url":"http://public2.vulnerablecode.io/api/packages/142110?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.4.15.v20190215","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-ahev-zdjd-gqg1"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-kx4x-gnk4-yugu"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-nyxu-ekhs-gyb5"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-uuju-ey95-tyfq"},{"vulnerability":"VCID-y3mv-vmwd-tydt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.4.15.v20190215"},{"url":"http://public2.vulnerablecode.io/api/packages/36207?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.4.16.v20190411","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6uhn-tn81-cyac"},{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-kx4x-gnk4-yugu"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-nyxu-ekhs-gyb5"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-uuju-ey95-tyfq"},{"vulnerability":"VCID-y3mv-vmwd-tydt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.4.16.v20190411"}],"aliases":["CVE-2019-10241","GHSA-7vx9-xjhr-rw6h"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ahev-zdjd-gqg1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4822?format=json","vulnerability_id":"VCID-kvqz-fppe-d7fe","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7658.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7658.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7658","reference_id":"","reference_type":"","scores":[{"value":"0.08038","scoring_system":"epss","scoring_elements":"0.92123","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08038","scoring_system":"epss","scoring_elements":"0.9213","published_at":"2026-04-16T12:55:00Z"},{"value":"0.08038","scoring_system":"epss","scoring_elements":"0.92128","published_at":"2026-04-21T12:55:00Z"},{"value":"0.08038","scoring_system":"epss","scoring_elements":"0.92116","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08038","scoring_system":"epss","scoring_elements":"0.92119","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08038","scoring_system":"epss","scoring_elements":"0.921","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08038","scoring_system":"epss","scoring_elements":"0.92104","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08038","scoring_system":"epss","scoring_elements":"0.92094","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08038","scoring_system":"epss","scoring_elements":"0.92087","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08612","scoring_system":"epss","scoring_elements":"0.92484","published_at":"2026-05-12T12:55:00Z"},{"value":"0.08612","scoring_system":"epss","scoring_elements":"0.92511","published_at":"2026-05-15T12:55:00Z"},{"value":"0.08612","scoring_system":"epss","scoring_elements":"0.92504","published_at":"2026-05-14T12:55:00Z"},{"value":"0.08612","scoring_system":"epss","scoring_elements":"0.92477","published_at":"2026-05-11T12:55:00Z"},{"value":"0.08612","scoring_system":"epss","scoring_elements":"0.92474","published_at":"2026-05-09T12:55:00Z"},{"value":"0.08612","scoring_system":"epss","scoring_elements":"0.92464","published_at":"2026-05-07T12:55:00Z"},{"value":"0.08612","scoring_system":"epss","scoring_elements":"0.92454","published_at":"2026-05-05T12:55:00Z"},{"value":"0.08612","scoring_system":"epss","scoring_elements":"0.92443","published_at":"2026-04-29T12:55:00Z"},{"value":"0.08612","scoring_system":"epss","scoring_elements":"0.92448","published_at":"2026-04-26T12:55:00Z"},{"value":"0.08612","scoring_system":"epss","scoring_elements":"0.92447","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7658"},{"reference_url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=535669","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=535669"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7656","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7656"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7657","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7657"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7658","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7658"},{"reference_url":"https://github.com/advisories/GHSA-6x9x-8qw9-9pp6","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6x9x-8qw9-9pp6"},{"reference_url":"https://github.com/eclipse/jetty.project/commit/a285deea42fcab60d9edcf994e458c238a348b55","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/eclipse/jetty.project/commit/a285deea42fcab60d9edcf994e458c238a348b55"},{"reference_url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r41af10c4adec8d34a969abeb07fd0d6ad0c86768b751464f1cdd23e8@%3Ccommits.druid.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r41af10c4adec8d34a969abeb07fd0d6ad0c86768b751464f1cdd23e8@%3Ccommits.druid.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae@%3Ccommits.druid.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae@%3Ccommits.druid.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra6f956ed4ec2855583b2d0c8b4802b450f593d37b77509b48cd5d574@%3Ccommits.druid.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ra6f956ed4ec2855583b2d0c8b4802b450f593d37b77509b48cd5d574@%3Ccommits.druid.apache.org%3E"},{"reference_url":"https://security.netapp.com/advisory/ntap-20181014-0001","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20181014-0001"},{"reference_url":"https://security.netapp.com/advisory/ntap-20181014-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20181014-0001/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4278","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2018/dsa-4278"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"http://www.securityfocus.com/bid/106566","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/106566"},{"reference_url":"http://www.securitytracker.com/id/1041194","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securitytracker.com/id/1041194"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1595621","reference_id":"1595621","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1595621"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902953","reference_id":"902953","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902953"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7658","reference_id":"CVE-2017-7658","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7658"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3779","reference_id":"RHSA-2020:3779","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3779"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/29146?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.2.26.v20180806","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-ahev-zdjd-gqg1"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-u2b5-uyd6-fbh9"},{"vulnerability":"VCID-y3mv-vmwd-tydt"},{"vulnerability":"VCID-znv6-77jf-v3gu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.2.26.v20180806"},{"url":"http://public2.vulnerablecode.io/api/packages/29147?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.3.24.v20180605","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-ahev-zdjd-gqg1"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-kh4j-dvmk-akaz"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-y3mv-vmwd-tydt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.24.v20180605"},{"url":"http://public2.vulnerablecode.io/api/packages/29148?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.4.11.v20180605","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-ahev-zdjd-gqg1"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-kx4x-gnk4-yugu"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-nyxu-ekhs-gyb5"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-uuju-ey95-tyfq"},{"vulnerability":"VCID-y3mv-vmwd-tydt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.4.11.v20180605"}],"aliases":["CVE-2017-7658","GHSA-6x9x-8qw9-9pp6"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kvqz-fppe-d7fe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5060?format=json","vulnerability_id":"VCID-znv6-77jf-v3gu","summary":"In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), HTTP/0.9 is handled poorly. An HTTP/1 style request line (i.e. method space URI space version) that declares a version of HTTP/0.9 was accepted and treated as a 0.9 request. If deployed behind an intermediary that also accepted and passed through the 0.9 version (but did not act on it), then the response sent could be interpreted by the intermediary as HTTP/1 headers. This could be used to poison the cache if the server allowed the origin client to generate arbitrary content in the response.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7656.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7656.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7656","reference_id":"","reference_type":"","scores":[{"value":"0.07767","scoring_system":"epss","scoring_elements":"0.91974","published_at":"2026-04-16T12:55:00Z"},{"value":"0.07767","scoring_system":"epss","scoring_elements":"0.91958","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07767","scoring_system":"epss","scoring_elements":"0.91955","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07767","scoring_system":"epss","scoring_elements":"0.9195","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07767","scoring_system":"epss","scoring_elements":"0.91938","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07767","scoring_system":"epss","scoring_elements":"0.91931","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07767","scoring_system":"epss","scoring_elements":"0.91923","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07767","scoring_system":"epss","scoring_elements":"0.91915","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07962","scoring_system":"epss","scoring_elements":"0.9208","published_at":"2026-04-18T12:55:00Z"},{"value":"0.07962","scoring_system":"epss","scoring_elements":"0.92079","published_at":"2026-04-21T12:55:00Z"},{"value":"0.08324","scoring_system":"epss","scoring_elements":"0.92306","published_at":"2026-05-05T12:55:00Z"},{"value":"0.08324","scoring_system":"epss","scoring_elements":"0.92353","published_at":"2026-05-14T12:55:00Z"},{"value":"0.08324","scoring_system":"epss","scoring_elements":"0.92334","published_at":"2026-05-12T12:55:00Z"},{"value":"0.08324","scoring_system":"epss","scoring_elements":"0.92326","published_at":"2026-05-11T12:55:00Z"},{"value":"0.08324","scoring_system":"epss","scoring_elements":"0.9236","published_at":"2026-05-15T12:55:00Z"},{"value":"0.08324","scoring_system":"epss","scoring_elements":"0.92324","published_at":"2026-05-09T12:55:00Z"},{"value":"0.08324","scoring_system":"epss","scoring_elements":"0.92316","published_at":"2026-05-07T12:55:00Z"},{"value":"0.08531","scoring_system":"epss","scoring_elements":"0.924","published_at":"2026-04-29T12:55:00Z"},{"value":"0.08531","scoring_system":"epss","scoring_elements":"0.92404","published_at":"2026-04-24T12:55:00Z"},{"value":"0.08531","scoring_system":"epss","scoring_elements":"0.92405","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7656"},{"reference_url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=535667","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=535667"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7656","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7656"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7657","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7657"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7658","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7658"},{"reference_url":"https://github.com/advisories/GHSA-84q7-p226-4x5w","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-84q7-p226-4x5w"},{"reference_url":"https://github.com/eclipse/jetty.project/commit/a285deea42fcab60d9edcf994e458c238a348b55","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/eclipse/jetty.project/commit/a285deea42fcab60d9edcf994e458c238a348b55"},{"reference_url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rbf4565a0b63f9c8b07fab29352a97bbffe76ecafed8b8555c15b83c6@%3Cissues.maven.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rbf4565a0b63f9c8b07fab29352a97bbffe76ecafed8b8555c15b83c6@%3Cissues.maven.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rbf4565a0b63f9c8b07fab29352a97bbffe76ecafed8b8555c15b83c6%40%3Cissues.maven.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rbf4565a0b63f9c8b07fab29352a97bbffe76ecafed8b8555c15b83c6%40%3Cissues.maven.apache.org%3E"},{"reference_url":"https://security.netapp.com/advisory/ntap-20181014-0001","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20181014-0001"},{"reference_url":"https://security.netapp.com/advisory/ntap-20181014-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20181014-0001/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4278","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2018/dsa-4278"},{"reference_url":"https://www.oracle.com//security-alerts/cpujul2021.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com//security-alerts/cpujul2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"http://www.securitytracker.com/id/1041194","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securitytracker.com/id/1041194"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1595639","reference_id":"1595639","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1595639"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902953","reference_id":"902953","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902953"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7656","reference_id":"CVE-2017-7656","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7656"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3779","reference_id":"RHSA-2020:3779","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3779"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/29146?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.2.26.v20180806","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-ahev-zdjd-gqg1"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-u2b5-uyd6-fbh9"},{"vulnerability":"VCID-y3mv-vmwd-tydt"},{"vulnerability":"VCID-znv6-77jf-v3gu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.2.26.v20180806"},{"url":"http://public2.vulnerablecode.io/api/packages/29147?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.3.24.v20180605","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-ahev-zdjd-gqg1"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-kh4j-dvmk-akaz"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-y3mv-vmwd-tydt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.24.v20180605"},{"url":"http://public2.vulnerablecode.io/api/packages/29148?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.4.11.v20180605","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-ahev-zdjd-gqg1"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-kx4x-gnk4-yugu"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-nyxu-ekhs-gyb5"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-uuju-ey95-tyfq"},{"vulnerability":"VCID-y3mv-vmwd-tydt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.4.11.v20180605"}],"aliases":["CVE-2017-7656","GHSA-84q7-p226-4x5w"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-znv6-77jf-v3gu"}],"fixing_vulnerabilities":[],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.2.26"}