Vulnerability Instance

Jetty suffers from a vulnerability where certain encoded URIs and ambiguous paths can access
          protected files in the WEB-INF folder. Versions effected are:
          9.4.37.v20210219, 9.4.38.v20210224 and 9.4.37-9.4.42, 10.0.1-10.0.5, 11.0.1-11.0.5.
          Exploitation can obtain any file in the WEB-INF folder, but web.xml is most likely
          to have information of value.

Stability:
  - crash-safe
Reliability: []
SideEffects:
  - ioc-in-logs