Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.eclipse.jetty/jetty-server@9.0.0
Typemaven
Namespaceorg.eclipse.jetty
Namejetty-server
Version9.0.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version9.4.57.v20241219
Latest_non_vulnerable_version12.1.6
Affected_by_vulnerabilities
0
url VCID-q3k2-1x5q-buhy
vulnerability_id VCID-q3k2-1x5q-buhy
summary 
Improper Handling of Length Parameter Inconsistency
Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts the `+` character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. Versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1 contain a patch for this issue. There is no workaround as there is no known exploit scenario.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40167.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40167.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-40167
reference_id
reference_type
scores
0
value 0.04833
scoring_system epss
scoring_elements 0.89547
published_at 2026-04-29T12:55:00Z
1
value 0.04833
scoring_system epss
scoring_elements 0.89484
published_at 2026-04-02T12:55:00Z
2
value 0.04833
scoring_system epss
scoring_elements 0.89495
published_at 2026-04-04T12:55:00Z
3
value 0.04833
scoring_system epss
scoring_elements 0.89496
published_at 2026-04-07T12:55:00Z
4
value 0.04833
scoring_system epss
scoring_elements 0.89512
published_at 2026-04-08T12:55:00Z
5
value 0.04833
scoring_system epss
scoring_elements 0.89515
published_at 2026-04-09T12:55:00Z
6
value 0.04833
scoring_system epss
scoring_elements 0.89523
published_at 2026-04-11T12:55:00Z
7
value 0.04833
scoring_system epss
scoring_elements 0.8952
published_at 2026-04-12T12:55:00Z
8
value 0.04833
scoring_system epss
scoring_elements 0.89516
published_at 2026-04-13T12:55:00Z
9
value 0.04833
scoring_system epss
scoring_elements 0.8953
published_at 2026-04-16T12:55:00Z
10
value 0.04833
scoring_system epss
scoring_elements 0.89531
published_at 2026-04-18T12:55:00Z
11
value 0.04833
scoring_system epss
scoring_elements 0.89528
published_at 2026-04-21T12:55:00Z
12
value 0.04833
scoring_system epss
scoring_elements 0.89543
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-40167
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26048
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26048
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26049
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26049
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36479
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36479
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40167
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40167
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41900
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://github.com/eclipse/jetty.project
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/eclipse/jetty.project
9
reference_url https://lists.debian.org/debian-lts-announce/2023/09/msg00039.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T18:49:57Z/
url https://lists.debian.org/debian-lts-announce/2023/09/msg00039.html
10
reference_url https://www.debian.org/security/2023/dsa-5507
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T18:49:57Z/
url https://www.debian.org/security/2023/dsa-5507
11
reference_url https://www.rfc-editor.org/rfc/rfc9110#section-8.6
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T18:49:57Z/
url https://www.rfc-editor.org/rfc/rfc9110#section-8.6
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2239634
reference_id 2239634
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2239634
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-40167
reference_id CVE-2023-40167
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-40167
14
reference_url https://github.com/advisories/GHSA-hmr7-m48g-48f6
reference_id GHSA-hmr7-m48g-48f6
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hmr7-m48g-48f6
15
reference_url https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6
reference_id GHSA-hmr7-m48g-48f6
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T18:49:57Z/
url https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6
16
reference_url https://access.redhat.com/errata/RHSA-2023:5441
reference_id RHSA-2023:5441
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5441
17
reference_url https://access.redhat.com/errata/RHSA-2023:5780
reference_id RHSA-2023:5780
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5780
18
reference_url https://access.redhat.com/errata/RHSA-2023:5946
reference_id RHSA-2023:5946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5946
19
reference_url https://access.redhat.com/errata/RHSA-2023:7678
reference_id RHSA-2023:7678
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7678
20
reference_url https://access.redhat.com/errata/RHSA-2023:7697
reference_id RHSA-2023:7697
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7697
21
reference_url https://access.redhat.com/errata/RHSA-2024:0778
reference_id RHSA-2024:0778
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0778
22
reference_url https://access.redhat.com/errata/RHSA-2024:0797
reference_id RHSA-2024:0797
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0797
fixed_packages
0
url pkg:maven/org.eclipse.jetty/jetty-server@9.4.52.v20230823
purl pkg:maven/org.eclipse.jetty/jetty-server@9.4.52.v20230823
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kx4x-gnk4-yugu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.4.52.v20230823
1
url pkg:maven/org.eclipse.jetty/jetty-server@10.0.16
purl pkg:maven/org.eclipse.jetty/jetty-server@10.0.16
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@10.0.16
2
url pkg:maven/org.eclipse.jetty/jetty-server@11.0.16
purl pkg:maven/org.eclipse.jetty/jetty-server@11.0.16
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@11.0.16
3
url pkg:maven/org.eclipse.jetty/jetty-server@12.0.1
purl pkg:maven/org.eclipse.jetty/jetty-server@12.0.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@12.0.1
aliases CVE-2023-40167, GHSA-hmr7-m48g-48f6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q3k2-1x5q-buhy
1
url VCID-u2b5-uyd6-fbh9
vulnerability_id VCID-u2b5-uyd6-fbh9
summary In Eclipse Jetty Server, all 9.x versions, on webapps deployed using default Error Handling, when an intentionally bad query arrives that doesn't match a dynamic url-pattern, and is eventually handled by the DefaultServlet's static file serving, the bad characters can trigger a java.nio.file.InvalidPathException which includes the full path to the base resource directory that the DefaultServlet and/or webapp is using. If this InvalidPathException is then handled by the default Error Handler, the InvalidPathException message is included in the error response, revealing the full server path to the requesting system.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12536.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12536.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-12536
reference_id
reference_type
scores
0
value 0.03306
scoring_system epss
scoring_elements 0.87272
published_at 2026-04-24T12:55:00Z
1
value 0.03306
scoring_system epss
scoring_elements 0.87254
published_at 2026-04-21T12:55:00Z
2
value 0.03306
scoring_system epss
scoring_elements 0.8726
published_at 2026-04-18T12:55:00Z
3
value 0.03306
scoring_system epss
scoring_elements 0.87256
published_at 2026-04-16T12:55:00Z
4
value 0.03306
scoring_system epss
scoring_elements 0.8724
published_at 2026-04-13T12:55:00Z
5
value 0.03306
scoring_system epss
scoring_elements 0.87245
published_at 2026-04-12T12:55:00Z
6
value 0.03306
scoring_system epss
scoring_elements 0.87251
published_at 2026-04-11T12:55:00Z
7
value 0.03306
scoring_system epss
scoring_elements 0.87239
published_at 2026-04-09T12:55:00Z
8
value 0.03306
scoring_system epss
scoring_elements 0.87232
published_at 2026-04-08T12:55:00Z
9
value 0.03306
scoring_system epss
scoring_elements 0.87212
published_at 2026-04-07T12:55:00Z
10
value 0.03306
scoring_system epss
scoring_elements 0.87214
published_at 2026-04-04T12:55:00Z
11
value 0.03306
scoring_system epss
scoring_elements 0.87197
published_at 2026-04-02T12:55:00Z
12
value 0.03306
scoring_system epss
scoring_elements 0.87187
published_at 2026-04-01T12:55:00Z
13
value 0.03559
scoring_system epss
scoring_elements 0.87739
published_at 2026-04-26T12:55:00Z
14
value 0.03654
scoring_system epss
scoring_elements 0.87907
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-12536
2
reference_url https://bugs.eclipse.org/bugs/show_bug.cgi?id=535670
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.eclipse.org/bugs/show_bug.cgi?id=535670
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12536
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12536
4
reference_url https://github.com/eclipse/jetty.project
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/eclipse/jetty.project
5
reference_url https://github.com/eclipse/jetty.project/commit/53e8bc2a636707e896fd106fbee3596823c2cdc
reference_id
reference_type
scores
url https://github.com/eclipse/jetty.project/commit/53e8bc2a636707e896fd106fbee3596823c2cdc
6
reference_url https://github.com/eclipse/jetty.project/commit/a51920d650d924cc2cea011995624b394437c6e
reference_id
reference_type
scores
url https://github.com/eclipse/jetty.project/commit/a51920d650d924cc2cea011995624b394437c6e
7
reference_url https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E
9
reference_url https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html
10
reference_url https://security.netapp.com/advisory/ntap-20181014-0001
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20181014-0001
11
reference_url https://security.netapp.com/advisory/ntap-20181014-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20181014-0001/
12
reference_url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us
13
reference_url https://web.archive.org/web/20200516001904/http://www.securitytracker.com/id/1041194
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200516001904/http://www.securitytracker.com/id/1041194
14
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
15
reference_url https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
16
reference_url http://www.securitytracker.com/id/1041194
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1041194
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1597418
reference_id 1597418
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1597418
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902774
reference_id 902774
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902774
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0.0:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-12536
reference_id CVE-2018-12536
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-12536
25
reference_url https://github.com/advisories/GHSA-9rgv-h7x4-qw8g
reference_id GHSA-9rgv-h7x4-qw8g
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9rgv-h7x4-qw8g
26
reference_url https://access.redhat.com/errata/RHSA-2020:0983
reference_id RHSA-2020:0983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0983
fixed_packages
0
url pkg:maven/org.eclipse.jetty/jetty-server@9.2.27.v20190403
purl pkg:maven/org.eclipse.jetty/jetty-server@9.2.27.v20190403
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6uhn-tn81-cyac
1
vulnerability VCID-9xw3-4a4u-hbbb
2
vulnerability VCID-czhb-gqt2-17av
3
vulnerability VCID-nubz-xqaw-tkfr
4
vulnerability VCID-prd3-mmuv-n3dc
5
vulnerability VCID-q35p-8qhp-aqec
6
vulnerability VCID-q3k2-1x5q-buhy
7
vulnerability VCID-y3mv-vmwd-tydt
8
vulnerability VCID-znv6-77jf-v3gu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.2.27.v20190403
1
url pkg:maven/org.eclipse.jetty/jetty-server@9.3.24.v20180605
purl pkg:maven/org.eclipse.jetty/jetty-server@9.3.24.v20180605
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9xw3-4a4u-hbbb
1
vulnerability VCID-ahev-zdjd-gqg1
2
vulnerability VCID-czhb-gqt2-17av
3
vulnerability VCID-kh4j-dvmk-akaz
4
vulnerability VCID-nubz-xqaw-tkfr
5
vulnerability VCID-prd3-mmuv-n3dc
6
vulnerability VCID-q35p-8qhp-aqec
7
vulnerability VCID-q3k2-1x5q-buhy
8
vulnerability VCID-y3mv-vmwd-tydt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.24.v20180605
2
url pkg:maven/org.eclipse.jetty/jetty-server@9.4.11.v20180605
purl pkg:maven/org.eclipse.jetty/jetty-server@9.4.11.v20180605
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9xw3-4a4u-hbbb
1
vulnerability VCID-ahev-zdjd-gqg1
2
vulnerability VCID-czhb-gqt2-17av
3
vulnerability VCID-kx4x-gnk4-yugu
4
vulnerability VCID-nubz-xqaw-tkfr
5
vulnerability VCID-nyxu-ekhs-gyb5
6
vulnerability VCID-prd3-mmuv-n3dc
7
vulnerability VCID-q35p-8qhp-aqec
8
vulnerability VCID-q3k2-1x5q-buhy
9
vulnerability VCID-uuju-ey95-tyfq
10
vulnerability VCID-y3mv-vmwd-tydt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.4.11.v20180605
aliases CVE-2018-12536, GHSA-9rgv-h7x4-qw8g
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u2b5-uyd6-fbh9
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.0.0