{"url":"http://public2.vulnerablecode.io/api/packages/29145?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.3.0","type":"maven","namespace":"org.eclipse.jetty","name":"jetty-server","version":"9.3.0","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"9.4.57.v20241219","latest_non_vulnerable_version":"12.1.6","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4866?format=json","vulnerability_id":"VCID-12gq-ezut-ckhz","summary":"","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0910","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:0910"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7657.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7657.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7657","reference_id":"","reference_type":"","scores":[{"value":"0.06379","scoring_system":"epss","scoring_elements":"0.91013","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06379","scoring_system":"epss","scoring_elements":"0.91038","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06379","scoring_system":"epss","scoring_elements":"0.91036","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06845","scoring_system":"epss","scoring_elements":"0.91418","published_at":"2026-05-07T12:55:00Z"},{"value":"0.06845","scoring_system":"epss","scoring_elements":"0.91452","published_at":"2026-05-15T12:55:00Z"},{"value":"0.06845","scoring_system":"epss","scoring_elements":"0.91388","published_at":"2026-04-29T12:55:00Z"},{"value":"0.06845","scoring_system":"epss","scoring_elements":"0.91389","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06845","scoring_system":"epss","scoring_elements":"0.91403","published_at":"2026-05-05T12:55:00Z"},{"value":"0.06845","scoring_system":"epss","scoring_elements":"0.91445","published_at":"2026-05-14T12:55:00Z"},{"value":"0.06845","scoring_system":"epss","scoring_elements":"0.91436","published_at":"2026-05-12T12:55:00Z"},{"value":"0.06845","scoring_system":"epss","scoring_elements":"0.9139","published_at":"2026-04-24T12:55:00Z"},{"value":"0.06845","scoring_system":"epss","scoring_elements":"0.91426","published_at":"2026-05-11T12:55:00Z"},{"value":"0.06845","scoring_system":"epss","scoring_elements":"0.91428","published_at":"2026-05-09T12:55:00Z"},{"value":"0.08417","scoring_system":"epss","scoring_elements":"0.92314","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08417","scoring_system":"epss","scoring_elements":"0.92299","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08417","scoring_system":"epss","scoring_elements":"0.92306","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08417","scoring_system":"epss","scoring_elements":"0.92311","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08417","scoring_system":"epss","scoring_elements":"0.92336","published_at":"2026-04-11T12:55:00Z"},{"value":"0.08417","scoring_system":"epss","scoring_elements":"0.9233","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08417","scoring_system":"epss","scoring_elements":"0.92326","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08417","scoring_system":"epss","scoring_elements":"0.92337","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7657"},{"reference_url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7656","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7656"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7657","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7657"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7658","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7658"},{"reference_url":"https://github.com/eclipse/jetty.project/commit/a285deea42fcab60d9edcf994e458c238a348b55","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/eclipse/jetty.project/commit/a285deea42fcab60d9edcf994e458c238a348b55"},{"reference_url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r41af10c4adec8d34a969abeb07fd0d6ad0c86768b751464f1cdd23e8@%3Ccommits.druid.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r41af10c4adec8d34a969abeb07fd0d6ad0c86768b751464f1cdd23e8@%3Ccommits.druid.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae@%3Ccommits.druid.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae@%3Ccommits.druid.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra6f956ed4ec2855583b2d0c8b4802b450f593d37b77509b48cd5d574@%3Ccommits.druid.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ra6f956ed4ec2855583b2d0c8b4802b450f593d37b77509b48cd5d574@%3Ccommits.druid.apache.org%3E"},{"reference_url":"https://security.netapp.com/advisory/ntap-20181014-0001","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20181014-0001"},{"reference_url":"https://security.netapp.com/advisory/ntap-20181014-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20181014-0001/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4278","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2018/dsa-4278"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"http://www.securitytracker.com/id/1041194","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securitytracker.com/id/1041194"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1595620","reference_id":"1595620","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1595620"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902953","reference_id":"902953","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902953"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7657","reference_id":"CVE-2017-7657","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7657"},{"reference_url":"https://github.com/advisories/GHSA-vgg8-72f2-qm23","reference_id":"GHSA-vgg8-72f2-qm23","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vgg8-72f2-qm23"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3779","reference_id":"RHSA-2020:3779","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3779"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/29147?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.3.24.v20180605","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-ahev-zdjd-gqg1"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-kh4j-dvmk-akaz"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-y3mv-vmwd-tydt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.24.v20180605"}],"aliases":["CVE-2017-7657","GHSA-vgg8-72f2-qm23"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-12gq-ezut-ckhz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10585?format=json","vulnerability_id":"VCID-6uhn-tn81-cyac","summary":"Information Exposure\nIn Eclipse Jetty version, the server running on Windows is vulnerable to exposure of the fully qualified Base Resource directory name on Windows to a remote client when it is configured for showing a Listing of directory contents. This information reveal is restricted to only the content in the configured base resource directories.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10246.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10246.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10246","reference_id":"","reference_type":"","scores":[{"value":"0.02583","scoring_system":"epss","scoring_elements":"0.85741","published_at":"2026-05-15T12:55:00Z"},{"value":"0.02583","scoring_system":"epss","scoring_elements":"0.855","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02583","scoring_system":"epss","scoring_elements":"0.85512","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02583","scoring_system":"epss","scoring_elements":"0.85529","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02583","scoring_system":"epss","scoring_elements":"0.85534","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02583","scoring_system":"epss","scoring_elements":"0.85554","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02583","scoring_system":"epss","scoring_elements":"0.85564","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02583","scoring_system":"epss","scoring_elements":"0.85579","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02583","scoring_system":"epss","scoring_elements":"0.85576","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02583","scoring_system":"epss","scoring_elements":"0.85572","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02583","scoring_system":"epss","scoring_elements":"0.85594","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02583","scoring_system":"epss","scoring_elements":"0.856","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02583","scoring_system":"epss","scoring_elements":"0.85596","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02583","scoring_system":"epss","scoring_elements":"0.85617","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02583","scoring_system":"epss","scoring_elements":"0.85628","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02583","scoring_system":"epss","scoring_elements":"0.85629","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02583","scoring_system":"epss","scoring_elements":"0.85647","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02583","scoring_system":"epss","scoring_elements":"0.8567","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02583","scoring_system":"epss","scoring_elements":"0.85687","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02583","scoring_system":"epss","scoring_elements":"0.85682","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02583","scoring_system":"epss","scoring_elements":"0.85695","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02583","scoring_system":"epss","scoring_elements":"0.85732","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10246"},{"reference_url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=546576","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=546576"},{"reference_url":"https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190509-0003","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20190509-0003"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190509-0003/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190509-0003/"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2020.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuapr2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuApr2021.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuApr2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2020.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujan2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2021.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujan2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2020.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187703","reference_id":"2187703","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187703"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10246","reference_id":"CVE-2019-10246","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10246"},{"reference_url":"https://github.com/advisories/GHSA-r28m-g6j9-r2h5","reference_id":"GHSA-r28m-g6j9-r2h5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r28m-g6j9-r2h5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/36180?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.3.27.v20190418","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-y3mv-vmwd-tydt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.27.v20190418"},{"url":"http://public2.vulnerablecode.io/api/packages/36181?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.4.17.v20190418","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-kx4x-gnk4-yugu"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-nyxu-ekhs-gyb5"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-uuju-ey95-tyfq"},{"vulnerability":"VCID-y3mv-vmwd-tydt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.4.17.v20190418"}],"aliases":["CVE-2019-10246","GHSA-r28m-g6j9-r2h5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6uhn-tn81-cyac"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10587?format=json","vulnerability_id":"VCID-ahev-zdjd-gqg1","summary":"Cross-site Scripting\nJetty server is vulnerable to XSS conditions if a remote client USES a specially formatted URL against the `DefaultServlet` or `ResourceHandler` that is configured for showing a Listing of directory contents.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10241.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10241.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10241","reference_id":"","reference_type":"","scores":[{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92892","published_at":"2026-04-01T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.93009","published_at":"2026-05-15T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.93003","published_at":"2026-05-14T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.9298","published_at":"2026-05-12T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.929","published_at":"2026-04-02T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92973","published_at":"2026-05-11T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92969","published_at":"2026-05-09T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92958","published_at":"2026-05-07T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92945","published_at":"2026-05-05T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92942","published_at":"2026-04-26T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92941","published_at":"2026-04-24T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.9293","published_at":"2026-04-16T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92932","published_at":"2026-04-18T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.9292","published_at":"2026-04-13T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92904","published_at":"2026-04-04T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92903","published_at":"2026-04-07T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92911","published_at":"2026-04-08T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92916","published_at":"2026-04-09T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92921","published_at":"2026-04-11T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92919","published_at":"2026-04-12T12:55:00Z"},{"value":"0.09686","scoring_system":"epss","scoring_elements":"0.92938","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10241"},{"reference_url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=546121","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=546121"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10247","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10247"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27216","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27216"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28165","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28165"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34428","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34428"},{"reference_url":"https://lists.apache.org/thread.html/01e004c3f7c7365863a27e7038b7f32dae56ccf3a496b277c9b7f7b6@%3Cjira.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/01e004c3f7c7365863a27e7038b7f32dae56ccf3a496b277c9b7f7b6@%3Cjira.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/464892b514c029dfc0c8656a93e1c0de983c473df70fdadbd224e09f@%3Cjira.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/464892b514c029dfc0c8656a93e1c0de983c473df70fdadbd224e09f@%3Cjira.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8bff534863c7aaf09bb17c3d0532777258dd3a5c7ddda34198cc2742@%3Cdev.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/8bff534863c7aaf09bb17c3d0532777258dd3a5c7ddda34198cc2742@%3Cdev.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ac51944aef91dd5006b8510b0bef337adaccfe962fb90e7af9c22db4@%3Cissues.activemq.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ac51944aef91dd5006b8510b0bef337adaccfe962fb90e7af9c22db4@%3Cissues.activemq.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/bcfb37bfba7b3d7e9c7808b5e5a38a98d6bb714d52cf5162bdd48e32@%3Cjira.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/bcfb37bfba7b3d7e9c7808b5e5a38a98d6bb714d52cf5162bdd48e32@%3Cjira.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/d7c4a664a34853f57c2163ab562f39802df5cf809523ea40c97289c1@%3Cdev.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/d7c4a664a34853f57c2163ab562f39802df5cf809523ea40c97289c1@%3Cdev.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190509-0003","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20190509-0003"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190509-0003/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190509-0003/"},{"reference_url":"https://www.debian.org/security/2021/dsa-4949","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2021/dsa-4949"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1705924","reference_id":"1705924","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1705924"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928444","reference_id":"928444","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928444"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10241","reference_id":"CVE-2019-10241","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10241"},{"reference_url":"https://github.com/advisories/GHSA-7vx9-xjhr-rw6h","reference_id":"GHSA-7vx9-xjhr-rw6h","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7vx9-xjhr-rw6h"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0922","reference_id":"RHSA-2020:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0983","reference_id":"RHSA-2020:0983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1445","reference_id":"RHSA-2020:1445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1445"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/35714?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.3.25.v20180904","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-ahev-zdjd-gqg1"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-y3mv-vmwd-tydt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.25.v20180904"},{"url":"http://public2.vulnerablecode.io/api/packages/36206?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.3.26.v20190403","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6uhn-tn81-cyac"},{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-y3mv-vmwd-tydt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.26.v20190403"},{"url":"http://public2.vulnerablecode.io/api/packages/142110?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.4.15.v20190215","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-ahev-zdjd-gqg1"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-kx4x-gnk4-yugu"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-nyxu-ekhs-gyb5"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-uuju-ey95-tyfq"},{"vulnerability":"VCID-y3mv-vmwd-tydt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.4.15.v20190215"},{"url":"http://public2.vulnerablecode.io/api/packages/36207?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.4.16.v20190411","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6uhn-tn81-cyac"},{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-kx4x-gnk4-yugu"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-nyxu-ekhs-gyb5"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-uuju-ey95-tyfq"},{"vulnerability":"VCID-y3mv-vmwd-tydt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.4.16.v20190411"}],"aliases":["CVE-2019-10241","GHSA-7vx9-xjhr-rw6h"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ahev-zdjd-gqg1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10589?format=json","vulnerability_id":"VCID-czhb-gqt2-17av","summary":"Information Exposure\nIn Eclipse Jetty, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the error for not finding a Context that matches the requested path. The default server behavior on jetty-distribution and jetty-home will include at the end of the Handler tree a `DefaultHandler`, which is responsible for reporting this error, it presents the various configured contexts as HTML for users to click through to. This produced HTML includes output that contains the configured fully qualified directory base resource location for each context.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10247.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10247.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10247","reference_id":"","reference_type":"","scores":[{"value":"0.03104","scoring_system":"epss","scoring_elements":"0.86958","published_at":"2026-05-15T12:55:00Z"},{"value":"0.03104","scoring_system":"epss","scoring_elements":"0.8695","published_at":"2026-05-14T12:55:00Z"},{"value":"0.03104","scoring_system":"epss","scoring_elements":"0.86921","published_at":"2026-05-12T12:55:00Z"},{"value":"0.03104","scoring_system":"epss","scoring_elements":"0.86908","published_at":"2026-05-11T12:55:00Z"},{"value":"0.03104","scoring_system":"epss","scoring_elements":"0.86912","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03104","scoring_system":"epss","scoring_elements":"0.86894","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03104","scoring_system":"epss","scoring_elements":"0.86875","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03104","scoring_system":"epss","scoring_elements":"0.86852","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03104","scoring_system":"epss","scoring_elements":"0.86845","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04156","scoring_system":"epss","scoring_elements":"0.88687","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04156","scoring_system":"epss","scoring_elements":"0.88686","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04156","scoring_system":"epss","scoring_elements":"0.88691","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04156","scoring_system":"epss","scoring_elements":"0.88677","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05624","scoring_system":"epss","scoring_elements":"0.90313","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05624","scoring_system":"epss","scoring_elements":"0.90298","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05624","scoring_system":"epss","scoring_elements":"0.90301","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05624","scoring_system":"epss","scoring_elements":"0.90347","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05624","scoring_system":"epss","scoring_elements":"0.90339","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05624","scoring_system":"epss","scoring_elements":"0.90332","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05624","scoring_system":"epss","scoring_elements":"0.90318","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10247"},{"reference_url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=546577","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=546577"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10247","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10247"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27216","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27216"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28165","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28165"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34428","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34428"},{"reference_url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ac51944aef91dd5006b8510b0bef337adaccfe962fb90e7af9c22db4@%3Cissues.activemq.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ac51944aef91dd5006b8510b0bef337adaccfe962fb90e7af9c22db4@%3Cissues.activemq.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190509-0003","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20190509-0003"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190509-0003/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190509-0003/"},{"reference_url":"https://www.debian.org/security/2021/dsa-4949","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2021/dsa-4949"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2020.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuapr2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuApr2021.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuApr2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2022.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2020.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujan2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2021.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujan2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2020.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1705993","reference_id":"1705993","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1705993"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928444","reference_id":"928444","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928444"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10247","reference_id":"CVE-2019-10247","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10247"},{"reference_url":"https://github.com/advisories/GHSA-xc67-hjx6-cgg6","reference_id":"GHSA-xc67-hjx6-cgg6","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xc67-hjx6-cgg6"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0922","reference_id":"RHSA-2020:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0983","reference_id":"RHSA-2020:0983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1445","reference_id":"RHSA-2020:1445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1445"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/36180?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.3.27.v20190418","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-y3mv-vmwd-tydt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.27.v20190418"},{"url":"http://public2.vulnerablecode.io/api/packages/36181?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.4.17.v20190418","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-kx4x-gnk4-yugu"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-nyxu-ekhs-gyb5"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-uuju-ey95-tyfq"},{"vulnerability":"VCID-y3mv-vmwd-tydt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.4.17.v20190418"}],"aliases":["CVE-2019-10247","GHSA-xc67-hjx6-cgg6"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-czhb-gqt2-17av"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4760?format=json","vulnerability_id":"VCID-dznb-x27e-kqan","summary":"Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9735.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9735.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9735","reference_id":"","reference_type":"","scores":[{"value":"0.0084","scoring_system":"epss","scoring_elements":"0.749","published_at":"2026-05-15T12:55:00Z"},{"value":"0.0084","scoring_system":"epss","scoring_elements":"0.74894","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0084","scoring_system":"epss","scoring_elements":"0.7484","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00844","scoring_system":"epss","scoring_elements":"0.74773","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00844","scoring_system":"epss","scoring_elements":"0.74723","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00844","scoring_system":"epss","scoring_elements":"0.74726","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00844","scoring_system":"epss","scoring_elements":"0.74753","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00844","scoring_system":"epss","scoring_elements":"0.74776","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00844","scoring_system":"epss","scoring_elements":"0.74797","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00844","scoring_system":"epss","scoring_elements":"0.74759","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00864","scoring_system":"epss","scoring_elements":"0.75209","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00867","scoring_system":"epss","scoring_elements":"0.75294","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01278","scoring_system":"epss","scoring_elements":"0.79589","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01278","scoring_system":"epss","scoring_elements":"0.79561","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01278","scoring_system":"epss","scoring_elements":"0.7959","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01313","scoring_system":"epss","scoring_elements":"0.79904","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01313","scoring_system":"epss","scoring_elements":"0.79941","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01313","scoring_system":"epss","scoring_elements":"0.79918","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01319","scoring_system":"epss","scoring_elements":"0.79937","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01319","scoring_system":"epss","scoring_elements":"0.79931","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01724","scoring_system":"epss","scoring_elements":"0.82458","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9735"},{"reference_url":"https://bugs.debian.org/864631","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.debian.org/864631"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9735"},{"reference_url":"https://github.com/eclipse/jetty.project","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/eclipse/jetty.project"},{"reference_url":"https://github.com/eclipse/jetty.project/commit/042f325f1cd6e7891d72c7e668f5947b5457dc02","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/eclipse/jetty.project/commit/042f325f1cd6e7891d72c7e668f5947b5457dc02"},{"reference_url":"https://github.com/eclipse/jetty.project/commit/2baa1abe4b1c380a30deacca1ed367466a1a62ea","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/eclipse/jetty.project/commit/2baa1abe4b1c380a30deacca1ed367466a1a62ea"},{"reference_url":"https://github.com/eclipse/jetty.project/commit/f3751d70787fd8ab93932a51c60514c2eb37cb58","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/eclipse/jetty.project/commit/f3751d70787fd8ab93932a51c60514c2eb37cb58"},{"reference_url":"https://github.com/eclipse/jetty.project/issues/1556","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/eclipse/jetty.project/issues/1556"},{"reference_url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/36870f6c51f5bc25e6f7bb1fcace0e57e81f1524019b11f466738559@%3Ccommon-dev.hadoop.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/36870f6c51f5bc25e6f7bb1fcace0e57e81f1524019b11f466738559@%3Ccommon-dev.hadoop.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f887a5978f5e4c62b9cfe876336628385cff429e796962649649ec8a@%3Ccommon-issues.hadoop.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/f887a5978f5e4c62b9cfe876336628385cff429e796962649649ec8a@%3Ccommon-issues.hadoop.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html"},{"reference_url":"https://web.archive.org/web/20170826163336/http://www.securityfocus.com/bid/99104","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20170826163336/http://www.securityfocus.com/bid/99104"},{"reference_url":"https://www.oracle.com//security-alerts/cpujul2021.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com//security-alerts/cpujul2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"http://www.securityfocus.com/bid/99104","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/99104"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1464158","reference_id":"1464158","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1464158"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864898","reference_id":"864898","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864898"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-9735","reference_id":"CVE-2017-9735","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-9735"},{"reference_url":"https://github.com/advisories/GHSA-wfcc-pff6-rgc5","reference_id":"GHSA-wfcc-pff6-rgc5","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-wfcc-pff6-rgc5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77938?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.3.20.v20170531","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12gq-ezut-ckhz"},{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-ahev-zdjd-gqg1"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-kvqz-fppe-d7fe"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-u2b5-uyd6-fbh9"},{"vulnerability":"VCID-y3mv-vmwd-tydt"},{"vulnerability":"VCID-znv6-77jf-v3gu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.20.v20170531"},{"url":"http://public2.vulnerablecode.io/api/packages/32549?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.4.6.v20170531","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-ahev-zdjd-gqg1"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-kvqz-fppe-d7fe"},{"vulnerability":"VCID-kx4x-gnk4-yugu"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-nyxu-ekhs-gyb5"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-q54z-9km5-7bf3"},{"vulnerability":"VCID-u2b5-uyd6-fbh9"},{"vulnerability":"VCID-uuju-ey95-tyfq"},{"vulnerability":"VCID-y3mv-vmwd-tydt"},{"vulnerability":"VCID-znv6-77jf-v3gu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.4.6.v20170531"}],"aliases":["CVE-2017-9735","GHSA-wfcc-pff6-rgc5"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dznb-x27e-kqan"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10498?format=json","vulnerability_id":"VCID-kh4j-dvmk-akaz","summary":"Uncontrolled Resource Consumption in org.eclipse.jetty:jetty-server\nIn Eclipse Jetty version 9.3.x and 9.4.x, the server is vulnerable to Denial of Service conditions if a remote client sends either large SETTINGs frames container containing many settings, or many small SETTINGs frames. The vulnerability is due to the additional CPU and memory allocations required to handle changed settings.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12545.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12545.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12545","reference_id":"","reference_type":"","scores":[{"value":"0.03027","scoring_system":"epss","scoring_elements":"0.86584","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03027","scoring_system":"epss","scoring_elements":"0.86666","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03027","scoring_system":"epss","scoring_elements":"0.8666","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03027","scoring_system":"epss","scoring_elements":"0.86647","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03027","scoring_system":"epss","scoring_elements":"0.86654","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03027","scoring_system":"epss","scoring_elements":"0.86656","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03027","scoring_system":"epss","scoring_elements":"0.86642","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03027","scoring_system":"epss","scoring_elements":"0.86633","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03027","scoring_system":"epss","scoring_elements":"0.86613","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03027","scoring_system":"epss","scoring_elements":"0.86594","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03027","scoring_system":"epss","scoring_elements":"0.86708","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03027","scoring_system":"epss","scoring_elements":"0.86685","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03027","scoring_system":"epss","scoring_elements":"0.86686","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03027","scoring_system":"epss","scoring_elements":"0.86677","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03027","scoring_system":"epss","scoring_elements":"0.86659","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0354","scoring_system":"epss","scoring_elements":"0.87808","published_at":"2026-05-15T12:55:00Z"},{"value":"0.0354","scoring_system":"epss","scoring_elements":"0.87768","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0354","scoring_system":"epss","scoring_elements":"0.87755","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0354","scoring_system":"epss","scoring_elements":"0.87758","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0354","scoring_system":"epss","scoring_elements":"0.8774","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0354","scoring_system":"epss","scoring_elements":"0.87799","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12545"},{"reference_url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=538096","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=538096"},{"reference_url":"https://lists.apache.org/thread.html/13f5241048ec0bf966a6ddd306feaf40de5b20e1f09096b9cddeddf2@%3Ccommits.accumulo.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/13f5241048ec0bf966a6ddd306feaf40de5b20e1f09096b9cddeddf2@%3Ccommits.accumulo.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/13f5241048ec0bf966a6ddd306feaf40de5b20e1f09096b9cddeddf2%40%3Ccommits.accumulo.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/13f5241048ec0bf966a6ddd306feaf40de5b20e1f09096b9cddeddf2%40%3Ccommits.accumulo.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/70744fe4faba8e2fa7e50a7fc794dd03cb28dad8b21e08ee59bb1606@%3Cdevnull.infra.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/70744fe4faba8e2fa7e50a7fc794dd03cb28dad8b21e08ee59bb1606@%3Cdevnull.infra.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/70744fe4faba8e2fa7e50a7fc794dd03cb28dad8b21e08ee59bb1606%40%3Cdevnull.infra.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/70744fe4faba8e2fa7e50a7fc794dd03cb28dad8b21e08ee59bb1606%40%3Cdevnull.infra.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/febc94ffec9275dcda64633e0276a1400cd318e571009e4cda9b7a79@%3Cnotifications.accumulo.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/febc94ffec9275dcda64633e0276a1400cd318e571009e4cda9b7a79@%3Cnotifications.accumulo.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/febc94ffec9275dcda64633e0276a1400cd318e571009e4cda9b7a79%40%3Cnotifications.accumulo.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/febc94ffec9275dcda64633e0276a1400cd318e571009e4cda9b7a79%40%3Cnotifications.accumulo.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CIS4LALKZNLF5X5IGNGRSKERG7FY4QG6/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CIS4LALKZNLF5X5IGNGRSKERG7FY4QG6/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIS4LALKZNLF5X5IGNGRSKERG7FY4QG6","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIS4LALKZNLF5X5IGNGRSKERG7FY4QG6"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1696062","reference_id":"1696062","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1696062"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:20150601:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.0:20150601:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:20150601:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:20150608:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.0:20150608:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:20150608:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:20150612:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.0:20150612:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:20150612:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:maintenance0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.0:maintenance0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:maintenance0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:maintenance1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.0:maintenance1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:maintenance1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:maintenance2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.0:maintenance2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:maintenance2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.0:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.10:20160621:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.10:20160621:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.10:20160621:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.10:maintenance_0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.10:maintenance_0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.10:maintenance_0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.11:20160721:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.11:20160721:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.11:20160721:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.11:maintenance_0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.11:maintenance_0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.11:maintenance_0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.1:20150714:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.1:20150714:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.1:20150714:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.12:20160915:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.12:20160915:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.12:20160915:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.13:20161014:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.13:20161014:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.13:20161014:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.13:maintenance_0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.13:maintenance_0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.13:maintenance_0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.14:20161028:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.14:20161028:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.14:20161028:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.15:20161220:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.15:20161220:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.15:20161220:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.16:20170119:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.16:20170119:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.16:20170119:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.16:20170120:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.16:20170120:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.16:20170120:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.17:20170317:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.17:20170317:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.17:20170317:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.17:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.17:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.17:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.18:20170406:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.18:20170406:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.18:20170406:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.19:20170502:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.19:20170502:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.19:20170502:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.20:20170531:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.20:20170531:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.20:20170531:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.21:20170918:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.21:20170918:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.21:20170918:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.21:maintenance_0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.21:maintenance_0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.21:maintenance_0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.21:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.21:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.21:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.2:20150730:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.2:20150730:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.2:20150730:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.22:20171030:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.22:20171030:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.22:20171030:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.23:20180228:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.23:20180228:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.23:20180228:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.24:20180605:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.24:20180605:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.24:20180605:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.3:20150825:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.3:20150825:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.3:20150825:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.3:20150827:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.3:20150827:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.3:20150827:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.4:20151005:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.4:20151005:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.4:20151005:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.4:20151007:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.4:20151007:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.4:20151007:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.4:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.4:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.4:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.4:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.4:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.4:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.5:20151012:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.5:20151012:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.5:20151012:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.6:20151106:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.6:20151106:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.6:20151106:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.7:20160115:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.7:20160115:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.7:20160115:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.7:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.7:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.7:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.7:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.7:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.7:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.8:20160311:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.8:20160311:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.8:20160311:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.8:20160314:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.8:20160314:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.8:20160314:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.8:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.8:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.8:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.9:20160517:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.9:20160517:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.9:20160517:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.9:maintenance_0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.9:maintenance_0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.9:maintenance_0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.9:maintenance_1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.9:maintenance_1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.9:maintenance_1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.0:20161207:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.0:20161207:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.0:20161207:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.0:20161208:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.0:20161208:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.0:20161208:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.0:20180619:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.0:20180619:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.0:20180619:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.0:maintenance_0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.0:maintenance_0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.0:maintenance_0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.0:maintenance_1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.0:maintenance_1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.0:maintenance_1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.0:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.0:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.0:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.0:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.0:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.0:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.10:20180503:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.10:20180503:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.10:20180503:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.10:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.10:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.10:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.10:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.10:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.10:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.11:20180605:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.11:20180605:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.11:20180605:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.1:20170120:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.1:20170120:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.1:20170120:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.1:20180619:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.1:20180619:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.1:20180619:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.12:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.12:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.12:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.12:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.12:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.12:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.12:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.12:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.12:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.2:20170220:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.2:20170220:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.2:20170220:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.2:20180619:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.2:20180619:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.2:20180619:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.3:20170317:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.3:20170317:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.3:20170317:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.3:20180619:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.3:20180619:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.3:20180619:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.4:20170410:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.4:20170410:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.4:20170410:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.4:20170414:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.4:20170414:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.4:20170414:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.4:20180619:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.4:20180619:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.4:20180619:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.5:20170502:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.5:20170502:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.5:20170502:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.5:20180619:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.5:20180619:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.5:20180619:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.6:20170531:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.6:20170531:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.6:20170531:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.6:20180619:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.6:20180619:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.6:20180619:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.7:20170914:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.7:20170914:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.7:20170914:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.7:20180619:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.7:20180619:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.7:20180619:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.7:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.7:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.7:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.8:20171121:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.8:20171121:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.8:20171121:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.8:20180619:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.8:20180619:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.8:20180619:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.9:20180320:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.4.9:20180320:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.4.9:20180320:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12545","reference_id":"CVE-2018-12545","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12545"},{"reference_url":"https://github.com/advisories/GHSA-h2f4-v4c4-6wx4","reference_id":"GHSA-h2f4-v4c4-6wx4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h2f4-v4c4-6wx4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/35714?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.3.25.v20180904","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-ahev-zdjd-gqg1"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-y3mv-vmwd-tydt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.25.v20180904"},{"url":"http://public2.vulnerablecode.io/api/packages/35713?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.4.12.v20180830","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-ahev-zdjd-gqg1"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-kx4x-gnk4-yugu"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-nyxu-ekhs-gyb5"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-uuju-ey95-tyfq"},{"vulnerability":"VCID-y3mv-vmwd-tydt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.4.12.v20180830"}],"aliases":["CVE-2018-12545","GHSA-h2f4-v4c4-6wx4"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kh4j-dvmk-akaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4822?format=json","vulnerability_id":"VCID-kvqz-fppe-d7fe","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7658.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7658.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7658","reference_id":"","reference_type":"","scores":[{"value":"0.08038","scoring_system":"epss","scoring_elements":"0.92123","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08038","scoring_system":"epss","scoring_elements":"0.9213","published_at":"2026-04-16T12:55:00Z"},{"value":"0.08038","scoring_system":"epss","scoring_elements":"0.92128","published_at":"2026-04-21T12:55:00Z"},{"value":"0.08038","scoring_system":"epss","scoring_elements":"0.92116","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08038","scoring_system":"epss","scoring_elements":"0.92119","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08038","scoring_system":"epss","scoring_elements":"0.921","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08038","scoring_system":"epss","scoring_elements":"0.92104","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08038","scoring_system":"epss","scoring_elements":"0.92094","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08038","scoring_system":"epss","scoring_elements":"0.92087","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08612","scoring_system":"epss","scoring_elements":"0.92484","published_at":"2026-05-12T12:55:00Z"},{"value":"0.08612","scoring_system":"epss","scoring_elements":"0.92511","published_at":"2026-05-15T12:55:00Z"},{"value":"0.08612","scoring_system":"epss","scoring_elements":"0.92504","published_at":"2026-05-14T12:55:00Z"},{"value":"0.08612","scoring_system":"epss","scoring_elements":"0.92477","published_at":"2026-05-11T12:55:00Z"},{"value":"0.08612","scoring_system":"epss","scoring_elements":"0.92474","published_at":"2026-05-09T12:55:00Z"},{"value":"0.08612","scoring_system":"epss","scoring_elements":"0.92464","published_at":"2026-05-07T12:55:00Z"},{"value":"0.08612","scoring_system":"epss","scoring_elements":"0.92454","published_at":"2026-05-05T12:55:00Z"},{"value":"0.08612","scoring_system":"epss","scoring_elements":"0.92443","published_at":"2026-04-29T12:55:00Z"},{"value":"0.08612","scoring_system":"epss","scoring_elements":"0.92448","published_at":"2026-04-26T12:55:00Z"},{"value":"0.08612","scoring_system":"epss","scoring_elements":"0.92447","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7658"},{"reference_url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=535669","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=535669"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7656","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7656"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7657","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7657"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7658","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7658"},{"reference_url":"https://github.com/advisories/GHSA-6x9x-8qw9-9pp6","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6x9x-8qw9-9pp6"},{"reference_url":"https://github.com/eclipse/jetty.project/commit/a285deea42fcab60d9edcf994e458c238a348b55","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/eclipse/jetty.project/commit/a285deea42fcab60d9edcf994e458c238a348b55"},{"reference_url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r41af10c4adec8d34a969abeb07fd0d6ad0c86768b751464f1cdd23e8@%3Ccommits.druid.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r41af10c4adec8d34a969abeb07fd0d6ad0c86768b751464f1cdd23e8@%3Ccommits.druid.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae@%3Ccommits.druid.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae@%3Ccommits.druid.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra6f956ed4ec2855583b2d0c8b4802b450f593d37b77509b48cd5d574@%3Ccommits.druid.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ra6f956ed4ec2855583b2d0c8b4802b450f593d37b77509b48cd5d574@%3Ccommits.druid.apache.org%3E"},{"reference_url":"https://security.netapp.com/advisory/ntap-20181014-0001","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20181014-0001"},{"reference_url":"https://security.netapp.com/advisory/ntap-20181014-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20181014-0001/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4278","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2018/dsa-4278"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"http://www.securityfocus.com/bid/106566","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/106566"},{"reference_url":"http://www.securitytracker.com/id/1041194","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securitytracker.com/id/1041194"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1595621","reference_id":"1595621","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1595621"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902953","reference_id":"902953","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902953"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7658","reference_id":"CVE-2017-7658","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7658"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3779","reference_id":"RHSA-2020:3779","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3779"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/29147?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.3.24.v20180605","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-ahev-zdjd-gqg1"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-kh4j-dvmk-akaz"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-y3mv-vmwd-tydt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.24.v20180605"},{"url":"http://public2.vulnerablecode.io/api/packages/29148?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.4.11.v20180605","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-ahev-zdjd-gqg1"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-kx4x-gnk4-yugu"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-nyxu-ekhs-gyb5"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-uuju-ey95-tyfq"},{"vulnerability":"VCID-y3mv-vmwd-tydt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.4.11.v20180605"}],"aliases":["CVE-2017-7658","GHSA-6x9x-8qw9-9pp6"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kvqz-fppe-d7fe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4754?format=json","vulnerability_id":"VCID-r725-4tby-87f2","summary":"The path normalization mechanism in PathResource class in Eclipse Jetty 9.3.x before 9.3.9 on Windows allows remote attackers to bypass protected resource restrictions and other security constraints via a URL with certain escaped characters, related to backslashes.","references":[{"reference_url":"http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00092.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00092.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4800.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4800.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4800","reference_id":"","reference_type":"","scores":[{"value":"0.00609","scoring_system":"epss","scoring_elements":"0.69911","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00609","scoring_system":"epss","scoring_elements":"0.6965","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00609","scoring_system":"epss","scoring_elements":"0.69701","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00609","scoring_system":"epss","scoring_elements":"0.69718","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00609","scoring_system":"epss","scoring_elements":"0.6974","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00609","scoring_system":"epss","scoring_elements":"0.69726","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00609","scoring_system":"epss","scoring_elements":"0.69713","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00609","scoring_system":"epss","scoring_elements":"0.69752","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00609","scoring_system":"epss","scoring_elements":"0.69762","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00609","scoring_system":"epss","scoring_elements":"0.69742","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00609","scoring_system":"epss","scoring_elements":"0.69793","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00609","scoring_system":"epss","scoring_elements":"0.69801","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00609","scoring_system":"epss","scoring_elements":"0.69806","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00609","scoring_system":"epss","scoring_elements":"0.6978","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00609","scoring_system":"epss","scoring_elements":"0.69824","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00609","scoring_system":"epss","scoring_elements":"0.69854","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00609","scoring_system":"epss","scoring_elements":"0.6985","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00609","scoring_system":"epss","scoring_elements":"0.699","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00609","scoring_system":"epss","scoring_elements":"0.69645","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00609","scoring_system":"epss","scoring_elements":"0.69657","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00609","scoring_system":"epss","scoring_elements":"0.69673","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4800"},{"reference_url":"https://github.com/eclipse/jetty.project/commit/97af3d663fd22343129e8364d601640649d9eaea","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/eclipse/jetty.project/commit/97af3d663fd22343129e8364d601640649d9eaea"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190307-0006","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20190307-0006"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190307-0006/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190307-0006/"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"http://www.ocert.org/advisories/ocert-2016-001.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ocert.org/advisories/ocert-2016-001.html"},{"reference_url":"http://www.securityfocus.com/bid/90945","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/90945"},{"reference_url":"http://www.zerodayinitiative.com/advisories/ZDI-16-362","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.zerodayinitiative.com/advisories/ZDI-16-362"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1340205","reference_id":"1340205","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1340205"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:m0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.0:m0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:m0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:m1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.0:m1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:m1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:maintenance2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.0:maintenance2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:maintenance2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.0:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.4:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.4:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.4:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.4:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.4:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.4:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.7:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.7:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.7:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.7:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.7:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.7:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.8:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:9.3.8:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:9.3.8:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4800","reference_id":"CVE-2016-4800","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4800"},{"reference_url":"https://github.com/advisories/GHSA-872g-2h8h-362q","reference_id":"GHSA-872g-2h8h-362q","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-872g-2h8h-362q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32523?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.3.9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.9"},{"url":"http://public2.vulnerablecode.io/api/packages/173674?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.3.9.v20160517","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12gq-ezut-ckhz"},{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-ahev-zdjd-gqg1"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-kvqz-fppe-d7fe"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-u2b5-uyd6-fbh9"},{"vulnerability":"VCID-y3mv-vmwd-tydt"},{"vulnerability":"VCID-znv6-77jf-v3gu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.9.v20160517"}],"aliases":["CVE-2016-4800","GHSA-872g-2h8h-362q"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r725-4tby-87f2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4598?format=json","vulnerability_id":"VCID-u2b5-uyd6-fbh9","summary":"In Eclipse Jetty Server, all 9.x versions, on webapps deployed using default Error Handling, when an intentionally bad query arrives that doesn't match a dynamic url-pattern, and is eventually handled by the DefaultServlet's static file serving, the bad characters can trigger a java.nio.file.InvalidPathException which includes the full path to the base resource directory that the DefaultServlet and/or webapp is using. If this InvalidPathException is then handled by the default Error Handler, the InvalidPathException message is included in the error response, revealing the full server path to the requesting system.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12536.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12536.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12536","reference_id":"","reference_type":"","scores":[{"value":"0.03306","scoring_system":"epss","scoring_elements":"0.87272","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03306","scoring_system":"epss","scoring_elements":"0.87254","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03306","scoring_system":"epss","scoring_elements":"0.8726","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03306","scoring_system":"epss","scoring_elements":"0.87256","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03306","scoring_system":"epss","scoring_elements":"0.8724","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03306","scoring_system":"epss","scoring_elements":"0.87245","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03306","scoring_system":"epss","scoring_elements":"0.87251","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03306","scoring_system":"epss","scoring_elements":"0.87239","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03306","scoring_system":"epss","scoring_elements":"0.87232","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03306","scoring_system":"epss","scoring_elements":"0.87212","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03306","scoring_system":"epss","scoring_elements":"0.87214","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03306","scoring_system":"epss","scoring_elements":"0.87197","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03306","scoring_system":"epss","scoring_elements":"0.87187","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0351","scoring_system":"epss","scoring_elements":"0.87759","published_at":"2026-05-15T12:55:00Z"},{"value":"0.0351","scoring_system":"epss","scoring_elements":"0.87719","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0351","scoring_system":"epss","scoring_elements":"0.87751","published_at":"2026-05-14T12:55:00Z"},{"value":"0.03559","scoring_system":"epss","scoring_elements":"0.87739","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03603","scoring_system":"epss","scoring_elements":"0.87855","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03603","scoring_system":"epss","scoring_elements":"0.87838","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03603","scoring_system":"epss","scoring_elements":"0.87852","published_at":"2026-05-11T12:55:00Z"},{"value":"0.03654","scoring_system":"epss","scoring_elements":"0.87919","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03654","scoring_system":"epss","scoring_elements":"0.87907","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12536"},{"reference_url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=535670","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=535670"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12536"},{"reference_url":"https://github.com/eclipse/jetty.project","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/eclipse/jetty.project"},{"reference_url":"https://github.com/eclipse/jetty.project/commit/53e8bc2a636707e896fd106fbee3596823c2cdc","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/eclipse/jetty.project/commit/53e8bc2a636707e896fd106fbee3596823c2cdc"},{"reference_url":"https://github.com/eclipse/jetty.project/commit/a51920d650d924cc2cea011995624b394437c6e","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/eclipse/jetty.project/commit/a51920d650d924cc2cea011995624b394437c6e"},{"reference_url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20181014-0001","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20181014-0001"},{"reference_url":"https://security.netapp.com/advisory/ntap-20181014-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20181014-0001/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us"},{"reference_url":"https://web.archive.org/web/20200516001904/http://www.securitytracker.com/id/1041194","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200516001904/http://www.securitytracker.com/id/1041194"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"http://www.securitytracker.com/id/1041194","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1041194"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1597418","reference_id":"1597418","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1597418"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902774","reference_id":"902774","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902774"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12536","reference_id":"CVE-2018-12536","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12536"},{"reference_url":"https://github.com/advisories/GHSA-9rgv-h7x4-qw8g","reference_id":"GHSA-9rgv-h7x4-qw8g","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9rgv-h7x4-qw8g"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0983","reference_id":"RHSA-2020:0983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0983"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/29147?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.3.24.v20180605","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-ahev-zdjd-gqg1"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-kh4j-dvmk-akaz"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-y3mv-vmwd-tydt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.24.v20180605"},{"url":"http://public2.vulnerablecode.io/api/packages/29148?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.4.11.v20180605","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-ahev-zdjd-gqg1"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-kx4x-gnk4-yugu"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-nyxu-ekhs-gyb5"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-uuju-ey95-tyfq"},{"vulnerability":"VCID-y3mv-vmwd-tydt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.4.11.v20180605"}],"aliases":["CVE-2018-12536","GHSA-9rgv-h7x4-qw8g"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u2b5-uyd6-fbh9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5060?format=json","vulnerability_id":"VCID-znv6-77jf-v3gu","summary":"In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), HTTP/0.9 is handled poorly. An HTTP/1 style request line (i.e. method space URI space version) that declares a version of HTTP/0.9 was accepted and treated as a 0.9 request. If deployed behind an intermediary that also accepted and passed through the 0.9 version (but did not act on it), then the response sent could be interpreted by the intermediary as HTTP/1 headers. This could be used to poison the cache if the server allowed the origin client to generate arbitrary content in the response.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7656.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7656.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7656","reference_id":"","reference_type":"","scores":[{"value":"0.07767","scoring_system":"epss","scoring_elements":"0.91974","published_at":"2026-04-16T12:55:00Z"},{"value":"0.07767","scoring_system":"epss","scoring_elements":"0.91958","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07767","scoring_system":"epss","scoring_elements":"0.91955","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07767","scoring_system":"epss","scoring_elements":"0.9195","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07767","scoring_system":"epss","scoring_elements":"0.91938","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07767","scoring_system":"epss","scoring_elements":"0.91931","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07767","scoring_system":"epss","scoring_elements":"0.91923","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07767","scoring_system":"epss","scoring_elements":"0.91915","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07962","scoring_system":"epss","scoring_elements":"0.9208","published_at":"2026-04-18T12:55:00Z"},{"value":"0.07962","scoring_system":"epss","scoring_elements":"0.92079","published_at":"2026-04-21T12:55:00Z"},{"value":"0.08324","scoring_system":"epss","scoring_elements":"0.92306","published_at":"2026-05-05T12:55:00Z"},{"value":"0.08324","scoring_system":"epss","scoring_elements":"0.92353","published_at":"2026-05-14T12:55:00Z"},{"value":"0.08324","scoring_system":"epss","scoring_elements":"0.92334","published_at":"2026-05-12T12:55:00Z"},{"value":"0.08324","scoring_system":"epss","scoring_elements":"0.92326","published_at":"2026-05-11T12:55:00Z"},{"value":"0.08324","scoring_system":"epss","scoring_elements":"0.9236","published_at":"2026-05-15T12:55:00Z"},{"value":"0.08324","scoring_system":"epss","scoring_elements":"0.92324","published_at":"2026-05-09T12:55:00Z"},{"value":"0.08324","scoring_system":"epss","scoring_elements":"0.92316","published_at":"2026-05-07T12:55:00Z"},{"value":"0.08531","scoring_system":"epss","scoring_elements":"0.924","published_at":"2026-04-29T12:55:00Z"},{"value":"0.08531","scoring_system":"epss","scoring_elements":"0.92404","published_at":"2026-04-24T12:55:00Z"},{"value":"0.08531","scoring_system":"epss","scoring_elements":"0.92405","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7656"},{"reference_url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=535667","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=535667"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7656","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7656"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7657","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7657"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7658","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7658"},{"reference_url":"https://github.com/advisories/GHSA-84q7-p226-4x5w","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-84q7-p226-4x5w"},{"reference_url":"https://github.com/eclipse/jetty.project/commit/a285deea42fcab60d9edcf994e458c238a348b55","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/eclipse/jetty.project/commit/a285deea42fcab60d9edcf994e458c238a348b55"},{"reference_url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rbf4565a0b63f9c8b07fab29352a97bbffe76ecafed8b8555c15b83c6@%3Cissues.maven.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rbf4565a0b63f9c8b07fab29352a97bbffe76ecafed8b8555c15b83c6@%3Cissues.maven.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rbf4565a0b63f9c8b07fab29352a97bbffe76ecafed8b8555c15b83c6%40%3Cissues.maven.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rbf4565a0b63f9c8b07fab29352a97bbffe76ecafed8b8555c15b83c6%40%3Cissues.maven.apache.org%3E"},{"reference_url":"https://security.netapp.com/advisory/ntap-20181014-0001","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20181014-0001"},{"reference_url":"https://security.netapp.com/advisory/ntap-20181014-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20181014-0001/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4278","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2018/dsa-4278"},{"reference_url":"https://www.oracle.com//security-alerts/cpujul2021.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com//security-alerts/cpujul2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"http://www.securitytracker.com/id/1041194","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securitytracker.com/id/1041194"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1595639","reference_id":"1595639","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1595639"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902953","reference_id":"902953","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902953"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7656","reference_id":"CVE-2017-7656","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7656"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3779","reference_id":"RHSA-2020:3779","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3779"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/29147?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.3.24.v20180605","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-ahev-zdjd-gqg1"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-kh4j-dvmk-akaz"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-y3mv-vmwd-tydt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.24.v20180605"},{"url":"http://public2.vulnerablecode.io/api/packages/29148?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.4.11.v20180605","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9xw3-4a4u-hbbb"},{"vulnerability":"VCID-ahev-zdjd-gqg1"},{"vulnerability":"VCID-czhb-gqt2-17av"},{"vulnerability":"VCID-kx4x-gnk4-yugu"},{"vulnerability":"VCID-nubz-xqaw-tkfr"},{"vulnerability":"VCID-nyxu-ekhs-gyb5"},{"vulnerability":"VCID-prd3-mmuv-n3dc"},{"vulnerability":"VCID-q35p-8qhp-aqec"},{"vulnerability":"VCID-q3k2-1x5q-buhy"},{"vulnerability":"VCID-uuju-ey95-tyfq"},{"vulnerability":"VCID-y3mv-vmwd-tydt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.4.11.v20180605"}],"aliases":["CVE-2017-7656","GHSA-84q7-p226-4x5w"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-znv6-77jf-v3gu"}],"fixing_vulnerabilities":[],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.0"}