{"url":"http://public2.vulnerablecode.io/api/packages/55938?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.2.26","type":"maven","namespace":"org.eclipse.jetty","name":"jetty-server","version":"9.2.26","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"9.4.57.v20241219","latest_non_vulnerable_version":"12.1.6","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40922?format=json","vulnerability_id":"VCID-9qyq-hht8-nqgz","summary":"Cross-site Scripting\nJetty server is vulnerable to XSS conditions if a remote client USES a specially formatted URL against the `DefaultServlet` or `ResourceHandler` that is configured for showing a Listing of directory contents.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10241.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10241.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10241","reference_id":"","reference_type":"","scores":[{"value":"0.10411","scoring_system":"epss","scoring_elements":"0.9335","published_at":"2026-06-04T12:55:00Z"},{"value":"0.10411","scoring_system":"epss","scoring_elements":"0.93362","published_at":"2026-06-06T12:55:00Z"},{"value":"0.10411","scoring_system":"epss","scoring_elements":"0.93361","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10241"},{"reference_url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=546121","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=546121"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10247","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10247"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27216","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27216"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28165","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28165"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34428","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34428"},{"reference_url":"https://lists.apache.org/thread.html/01e004c3f7c7365863a27e7038b7f32dae56ccf3a496b277c9b7f7b6@%3Cjira.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/01e004c3f7c7365863a27e7038b7f32dae56ccf3a496b277c9b7f7b6@%3Cjira.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/464892b514c029dfc0c8656a93e1c0de983c473df70fdadbd224e09f@%3Cjira.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/464892b514c029dfc0c8656a93e1c0de983c473df70fdadbd224e09f@%3Cjira.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8bff534863c7aaf09bb17c3d0532777258dd3a5c7ddda34198cc2742@%3Cdev.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/8bff534863c7aaf09bb17c3d0532777258dd3a5c7ddda34198cc2742@%3Cdev.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ac51944aef91dd5006b8510b0bef337adaccfe962fb90e7af9c22db4@%3Cissues.activemq.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ac51944aef91dd5006b8510b0bef337adaccfe962fb90e7af9c22db4@%3Cissues.activemq.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/bcfb37bfba7b3d7e9c7808b5e5a38a98d6bb714d52cf5162bdd48e32@%3Cjira.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/bcfb37bfba7b3d7e9c7808b5e5a38a98d6bb714d52cf5162bdd48e32@%3Cjira.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/d7c4a664a34853f57c2163ab562f39802df5cf809523ea40c97289c1@%3Cdev.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/d7c4a664a34853f57c2163ab562f39802df5cf809523ea40c97289c1@%3Cdev.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190509-0003","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20190509-0003"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190509-0003/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190509-0003/"},{"reference_url":"https://www.debian.org/security/2021/dsa-4949","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2021/dsa-4949"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1705924","reference_id":"1705924","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1705924"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928444","reference_id":"928444","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928444"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10241","reference_id":"CVE-2019-10241","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10241"},{"reference_url":"https://github.com/advisories/GHSA-7vx9-xjhr-rw6h","reference_id":"GHSA-7vx9-xjhr-rw6h","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7vx9-xjhr-rw6h"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0922","reference_id":"RHSA-2020:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0983","reference_id":"RHSA-2020:0983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1445","reference_id":"RHSA-2020:1445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1445"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/55940?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.2.26.v20180806","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ceb-5aaj-zbfn"},{"vulnerability":"VCID-2p9t-s37z-b7ac"},{"vulnerability":"VCID-3k1u-qrwz-ubgu"},{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-9an6-1me1-97fc"},{"vulnerability":"VCID-9qyq-hht8-nqgz"},{"vulnerability":"VCID-bq5u-wuuv-m7au"},{"vulnerability":"VCID-emr9-k9h1-vkeb"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-p2fr-edcy-47ct"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.2.26.v20180806"},{"url":"http://public2.vulnerablecode.io/api/packages/55980?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.2.27.v20190403","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2p9t-s37z-b7ac"},{"vulnerability":"VCID-3k1u-qrwz-ubgu"},{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-9an6-1me1-97fc"},{"vulnerability":"VCID-bq5u-wuuv-m7au"},{"vulnerability":"VCID-emr9-k9h1-vkeb"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-hwnn-v58k-93hp"},{"vulnerability":"VCID-p2fr-edcy-47ct"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.2.27.v20190403"},{"url":"http://public2.vulnerablecode.io/api/packages/57675?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.3.25.v20180904","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2p9t-s37z-b7ac"},{"vulnerability":"VCID-3k1u-qrwz-ubgu"},{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-9an6-1me1-97fc"},{"vulnerability":"VCID-9qyq-hht8-nqgz"},{"vulnerability":"VCID-bq5u-wuuv-m7au"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-p2fr-edcy-47ct"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.25.v20180904"},{"url":"http://public2.vulnerablecode.io/api/packages/57887?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.3.26.v20190403","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2p9t-s37z-b7ac"},{"vulnerability":"VCID-3k1u-qrwz-ubgu"},{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-9an6-1me1-97fc"},{"vulnerability":"VCID-bq5u-wuuv-m7au"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-hwnn-v58k-93hp"},{"vulnerability":"VCID-p2fr-edcy-47ct"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.26.v20190403"},{"url":"http://public2.vulnerablecode.io/api/packages/233163?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.4.15.v20190215","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2p9t-s37z-b7ac"},{"vulnerability":"VCID-3k1u-qrwz-ubgu"},{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-9an6-1me1-97fc"},{"vulnerability":"VCID-9qyq-hht8-nqgz"},{"vulnerability":"VCID-bq5u-wuuv-m7au"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-jktf-sads-m7ca"},{"vulnerability":"VCID-k829-sb45-hba9"},{"vulnerability":"VCID-p2fr-edcy-47ct"},{"vulnerability":"VCID-r7rk-5z6r-33a1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.4.15.v20190215"},{"url":"http://public2.vulnerablecode.io/api/packages/57888?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.4.16.v20190411","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2p9t-s37z-b7ac"},{"vulnerability":"VCID-3k1u-qrwz-ubgu"},{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-9an6-1me1-97fc"},{"vulnerability":"VCID-bq5u-wuuv-m7au"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-hwnn-v58k-93hp"},{"vulnerability":"VCID-jktf-sads-m7ca"},{"vulnerability":"VCID-k829-sb45-hba9"},{"vulnerability":"VCID-p2fr-edcy-47ct"},{"vulnerability":"VCID-r7rk-5z6r-33a1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.4.16.v20190411"}],"aliases":["CVE-2019-10241","GHSA-7vx9-xjhr-rw6h"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9qyq-hht8-nqgz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40000?format=json","vulnerability_id":"VCID-emr9-k9h1-vkeb","summary":"Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling)\nEclipse Jetty contains a vulnerability that could be used to poison the cache if the server allowed the origin client to generate arbitrary content in the response.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7656.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7656.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7656","reference_id":"","reference_type":"","scores":[{"value":"0.08531","scoring_system":"epss","scoring_elements":"0.92529","published_at":"2026-06-04T12:55:00Z"},{"value":"0.08531","scoring_system":"epss","scoring_elements":"0.92538","published_at":"2026-06-06T12:55:00Z"},{"value":"0.08531","scoring_system":"epss","scoring_elements":"0.92542","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7656"},{"reference_url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=535667","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=535667"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7656","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7656"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7657","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7657"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7658","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7658"},{"reference_url":"https://github.com/advisories/GHSA-84q7-p226-4x5w","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-84q7-p226-4x5w"},{"reference_url":"https://github.com/eclipse/jetty.project/commit/a285deea42fcab60d9edcf994e458c238a348b55","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/eclipse/jetty.project/commit/a285deea42fcab60d9edcf994e458c238a348b55"},{"reference_url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rbf4565a0b63f9c8b07fab29352a97bbffe76ecafed8b8555c15b83c6@%3Cissues.maven.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rbf4565a0b63f9c8b07fab29352a97bbffe76ecafed8b8555c15b83c6@%3Cissues.maven.apache.org%3E"},{"reference_url":"https://security.netapp.com/advisory/ntap-20181014-0001","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20181014-0001"},{"reference_url":"https://security.netapp.com/advisory/ntap-20181014-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20181014-0001/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4278","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2018/dsa-4278"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"http://www.securitytracker.com/id/1041194","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securitytracker.com/id/1041194"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1595639","reference_id":"1595639","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1595639"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902953","reference_id":"902953","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902953"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7656","reference_id":"CVE-2017-7656","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7656"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3779","reference_id":"RHSA-2020:3779","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3779"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/55940?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.2.26.v20180806","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ceb-5aaj-zbfn"},{"vulnerability":"VCID-2p9t-s37z-b7ac"},{"vulnerability":"VCID-3k1u-qrwz-ubgu"},{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-9an6-1me1-97fc"},{"vulnerability":"VCID-9qyq-hht8-nqgz"},{"vulnerability":"VCID-bq5u-wuuv-m7au"},{"vulnerability":"VCID-emr9-k9h1-vkeb"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-p2fr-edcy-47ct"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.2.26.v20180806"},{"url":"http://public2.vulnerablecode.io/api/packages/55941?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.3.24.v20180605","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2p9t-s37z-b7ac"},{"vulnerability":"VCID-3k1u-qrwz-ubgu"},{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-9an6-1me1-97fc"},{"vulnerability":"VCID-9qyq-hht8-nqgz"},{"vulnerability":"VCID-bq5u-wuuv-m7au"},{"vulnerability":"VCID-f9tf-uebt-kqcy"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-p2fr-edcy-47ct"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.24.v20180605"},{"url":"http://public2.vulnerablecode.io/api/packages/55942?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.4.11.v20180605","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2p9t-s37z-b7ac"},{"vulnerability":"VCID-3k1u-qrwz-ubgu"},{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-9an6-1me1-97fc"},{"vulnerability":"VCID-9qyq-hht8-nqgz"},{"vulnerability":"VCID-bq5u-wuuv-m7au"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-jktf-sads-m7ca"},{"vulnerability":"VCID-k829-sb45-hba9"},{"vulnerability":"VCID-p2fr-edcy-47ct"},{"vulnerability":"VCID-r7rk-5z6r-33a1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.4.11.v20180605"}],"aliases":["CVE-2017-7656","GHSA-84q7-p226-4x5w"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-emr9-k9h1-vkeb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40012?format=json","vulnerability_id":"VCID-f4kf-f8us-r7gn","summary":"Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling)\nIf an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imposing authorization, the fake pipelined request would bypass that authorization.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7658.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7658.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7658","reference_id":"","reference_type":"","scores":[{"value":"0.05482","scoring_system":"epss","scoring_elements":"0.90371","published_at":"2026-06-04T12:55:00Z"},{"value":"0.05482","scoring_system":"epss","scoring_elements":"0.90386","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7658"},{"reference_url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=535669","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=535669"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7656","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7656"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7657","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7657"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7658","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7658"},{"reference_url":"https://github.com/advisories/GHSA-6x9x-8qw9-9pp6","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6x9x-8qw9-9pp6"},{"reference_url":"https://github.com/eclipse/jetty.project/commit/a285deea42fcab60d9edcf994e458c238a348b55","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/eclipse/jetty.project/commit/a285deea42fcab60d9edcf994e458c238a348b55"},{"reference_url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r41af10c4adec8d34a969abeb07fd0d6ad0c86768b751464f1cdd23e8@%3Ccommits.druid.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r41af10c4adec8d34a969abeb07fd0d6ad0c86768b751464f1cdd23e8@%3Ccommits.druid.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae@%3Ccommits.druid.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae@%3Ccommits.druid.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra6f956ed4ec2855583b2d0c8b4802b450f593d37b77509b48cd5d574@%3Ccommits.druid.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ra6f956ed4ec2855583b2d0c8b4802b450f593d37b77509b48cd5d574@%3Ccommits.druid.apache.org%3E"},{"reference_url":"https://security.netapp.com/advisory/ntap-20181014-0001","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20181014-0001"},{"reference_url":"https://security.netapp.com/advisory/ntap-20181014-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20181014-0001/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4278","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2018/dsa-4278"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"http://www.securityfocus.com/bid/106566","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/106566"},{"reference_url":"http://www.securitytracker.com/id/1041194","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securitytracker.com/id/1041194"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1595621","reference_id":"1595621","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1595621"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902953","reference_id":"902953","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902953"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7658","reference_id":"CVE-2017-7658","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7658"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3779","reference_id":"RHSA-2020:3779","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3779"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/55940?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.2.26.v20180806","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ceb-5aaj-zbfn"},{"vulnerability":"VCID-2p9t-s37z-b7ac"},{"vulnerability":"VCID-3k1u-qrwz-ubgu"},{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-9an6-1me1-97fc"},{"vulnerability":"VCID-9qyq-hht8-nqgz"},{"vulnerability":"VCID-bq5u-wuuv-m7au"},{"vulnerability":"VCID-emr9-k9h1-vkeb"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-p2fr-edcy-47ct"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.2.26.v20180806"},{"url":"http://public2.vulnerablecode.io/api/packages/55941?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.3.24.v20180605","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2p9t-s37z-b7ac"},{"vulnerability":"VCID-3k1u-qrwz-ubgu"},{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-9an6-1me1-97fc"},{"vulnerability":"VCID-9qyq-hht8-nqgz"},{"vulnerability":"VCID-bq5u-wuuv-m7au"},{"vulnerability":"VCID-f9tf-uebt-kqcy"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-p2fr-edcy-47ct"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.24.v20180605"},{"url":"http://public2.vulnerablecode.io/api/packages/55942?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-server@9.4.11.v20180605","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2p9t-s37z-b7ac"},{"vulnerability":"VCID-3k1u-qrwz-ubgu"},{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-9an6-1me1-97fc"},{"vulnerability":"VCID-9qyq-hht8-nqgz"},{"vulnerability":"VCID-bq5u-wuuv-m7au"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-jktf-sads-m7ca"},{"vulnerability":"VCID-k829-sb45-hba9"},{"vulnerability":"VCID-p2fr-edcy-47ct"},{"vulnerability":"VCID-r7rk-5z6r-33a1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.4.11.v20180605"}],"aliases":["CVE-2017-7658","GHSA-6x9x-8qw9-9pp6"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f4kf-f8us-r7gn"}],"fixing_vulnerabilities":[],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.2.26"}