{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41221?format=json","vulnerability_id":"VCID-zme4-4qz2-ubhk","summary":"Information Exposure\nFor Eclipse Jetty, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. This is a variation of the vulnerability reported in CVE-2021-28164.","aliases":[{"alias":"CVE-2021-34429"},{"alias":"GHSA-vjv5-gp2w-65vm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99973?format=json","purl":"pkg:deb/debian/jetty9@9.4.39-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jetty9@9.4.39-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/516840?format=json","purl":"pkg:deb/debian/jetty9@9.4.50-4%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cgz5-kcvx-ayf6"},{"vulnerability":"VCID-j7d1-mrqm-nbgs"},{"vulnerability":"VCID-jktf-sads-m7ca"},{"vulnerability":"VCID-rv1r-zk1w-yufq"},{"vulnerability":"VCID-t2ub-9a69-dffv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jetty9@9.4.50-4%252Bdeb11u2"},{"url":"http://public2.vulnerablecode.io/api/packages/99954?format=json","purl":"pkg:deb/debian/jetty9@9.4.50-4%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jetty9@9.4.50-4%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99952?format=json","purl":"pkg:deb/debian/jetty9@9.4.57-1.1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jetty9@9.4.57-1.1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99956?format=json","purl":"pkg:deb/debian/jetty9@9.4.57-1.1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jetty9@9.4.57-1.1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99955?format=json","purl":"pkg:deb/debian/jetty9@9.4.58-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jetty9@9.4.58-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/529347?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.43.v20210629","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-njhm-y8we-sycj"},{"vulnerability":"VCID-w2z8-sxzw-rugp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.43.v20210629"},{"url":"http://public2.vulnerablecode.io/api/packages/58432?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-njhm-y8we-sycj"},{"vulnerability":"VCID-w2z8-sxzw-rugp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/58433?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-webapp@11.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-njhm-y8we-sycj"},{"vulnerability":"VCID-w2z8-sxzw-rugp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-webapp@11.0.6"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5395?format=json","purl":"pkg:deb/debian/jetty9@9.2.21-1~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-195a-menm-97az"},{"vulnerability":"VCID-1ceb-5aaj-zbfn"},{"vulnerability":"VCID-2p9t-s37z-b7ac"},{"vulnerability":"VCID-3k1u-qrwz-ubgu"},{"vulnerability":"VCID-3sgb-hpah-vqch"},{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-5fe9-xaas-sff5"},{"vulnerability":"VCID-5sz9-k4jb-97bv"},{"vulnerability":"VCID-9an6-1me1-97fc"},{"vulnerability":"VCID-9qyq-hht8-nqgz"},{"vulnerability":"VCID-9ycy-t7cd-pye3"},{"vulnerability":"VCID-bq5u-wuuv-m7au"},{"vulnerability":"VCID-bvfr-4vcq-rubw"},{"vulnerability":"VCID-cgz5-kcvx-ayf6"},{"vulnerability":"VCID-emr9-k9h1-vkeb"},{"vulnerability":"VCID-f4kf-f8us-r7gn"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-hcjh-un36-euac"},{"vulnerability":"VCID-j7d1-mrqm-nbgs"},{"vulnerability":"VCID-jktf-sads-m7ca"},{"vulnerability":"VCID-k829-sb45-hba9"},{"vulnerability":"VCID-njhm-y8we-sycj"},{"vulnerability":"VCID-p2fr-edcy-47ct"},{"vulnerability":"VCID-r7rk-5z6r-33a1"},{"vulnerability":"VCID-rv1r-zk1w-yufq"},{"vulnerability":"VCID-t2ub-9a69-dffv"},{"vulnerability":"VCID-tns7-5q71-2bhx"},{"vulnerability":"VCID-w2z8-sxzw-rugp"},{"vulnerability":"VCID-x5gr-c5yu-y3hs"},{"vulnerability":"VCID-y4a2-mamb-yqg6"},{"vulnerability":"VCID-yr1r-w7n9-7ug3"},{"vulnerability":"VCID-zeqx-ex43-uba2"},{"vulnerability":"VCID-zme4-4qz2-ubhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jetty9@9.2.21-1~bpo8%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/5396?format=json","purl":"pkg:deb/debian/jetty9@9.2.21-1%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-195a-menm-97az"},{"vulnerability":"VCID-1ceb-5aaj-zbfn"},{"vulnerability":"VCID-2p9t-s37z-b7ac"},{"vulnerability":"VCID-3k1u-qrwz-ubgu"},{"vulnerability":"VCID-3sgb-hpah-vqch"},{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-5fe9-xaas-sff5"},{"vulnerability":"VCID-5sz9-k4jb-97bv"},{"vulnerability":"VCID-9an6-1me1-97fc"},{"vulnerability":"VCID-9qyq-hht8-nqgz"},{"vulnerability":"VCID-9ycy-t7cd-pye3"},{"vulnerability":"VCID-bq5u-wuuv-m7au"},{"vulnerability":"VCID-bvfr-4vcq-rubw"},{"vulnerability":"VCID-cgz5-kcvx-ayf6"},{"vulnerability":"VCID-emr9-k9h1-vkeb"},{"vulnerability":"VCID-f4kf-f8us-r7gn"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-hcjh-un36-euac"},{"vulnerability":"VCID-j7d1-mrqm-nbgs"},{"vulnerability":"VCID-jktf-sads-m7ca"},{"vulnerability":"VCID-k829-sb45-hba9"},{"vulnerability":"VCID-njhm-y8we-sycj"},{"vulnerability":"VCID-p2fr-edcy-47ct"},{"vulnerability":"VCID-r7rk-5z6r-33a1"},{"vulnerability":"VCID-rv1r-zk1w-yufq"},{"vulnerability":"VCID-t2ub-9a69-dffv"},{"vulnerability":"VCID-tns7-5q71-2bhx"},{"vulnerability":"VCID-w2z8-sxzw-rugp"},{"vulnerability":"VCID-x5gr-c5yu-y3hs"},{"vulnerability":"VCID-y4a2-mamb-yqg6"},{"vulnerability":"VCID-yr1r-w7n9-7ug3"},{"vulnerability":"VCID-zeqx-ex43-uba2"},{"vulnerability":"VCID-zme4-4qz2-ubhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jetty9@9.2.21-1%252Bdeb9u1"},{"url":"http://public2.vulnerablecode.io/api/packages/5397?format=json","purl":"pkg:deb/debian/jetty9@9.2.23-1~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-195a-menm-97az"},{"vulnerability":"VCID-1ceb-5aaj-zbfn"},{"vulnerability":"VCID-2p9t-s37z-b7ac"},{"vulnerability":"VCID-3k1u-qrwz-ubgu"},{"vulnerability":"VCID-3sgb-hpah-vqch"},{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-5fe9-xaas-sff5"},{"vulnerability":"VCID-5sz9-k4jb-97bv"},{"vulnerability":"VCID-9an6-1me1-97fc"},{"vulnerability":"VCID-9qyq-hht8-nqgz"},{"vulnerability":"VCID-9ycy-t7cd-pye3"},{"vulnerability":"VCID-bq5u-wuuv-m7au"},{"vulnerability":"VCID-bvfr-4vcq-rubw"},{"vulnerability":"VCID-cgz5-kcvx-ayf6"},{"vulnerability":"VCID-emr9-k9h1-vkeb"},{"vulnerability":"VCID-f4kf-f8us-r7gn"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-hcjh-un36-euac"},{"vulnerability":"VCID-j7d1-mrqm-nbgs"},{"vulnerability":"VCID-jktf-sads-m7ca"},{"vulnerability":"VCID-k829-sb45-hba9"},{"vulnerability":"VCID-njhm-y8we-sycj"},{"vulnerability":"VCID-p2fr-edcy-47ct"},{"vulnerability":"VCID-r7rk-5z6r-33a1"},{"vulnerability":"VCID-rv1r-zk1w-yufq"},{"vulnerability":"VCID-t2ub-9a69-dffv"},{"vulnerability":"VCID-tns7-5q71-2bhx"},{"vulnerability":"VCID-w2z8-sxzw-rugp"},{"vulnerability":"VCID-y4a2-mamb-yqg6"},{"vulnerability":"VCID-yr1r-w7n9-7ug3"},{"vulnerability":"VCID-zeqx-ex43-uba2"},{"vulnerability":"VCID-zme4-4qz2-ubhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jetty9@9.2.23-1~bpo8%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/5398?format=json","purl":"pkg:deb/debian/jetty9@9.4.16-0%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-195a-menm-97az"},{"vulnerability":"VCID-2p9t-s37z-b7ac"},{"vulnerability":"VCID-3k1u-qrwz-ubgu"},{"vulnerability":"VCID-3sgb-hpah-vqch"},{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-5fe9-xaas-sff5"},{"vulnerability":"VCID-5sz9-k4jb-97bv"},{"vulnerability":"VCID-9an6-1me1-97fc"},{"vulnerability":"VCID-9qyq-hht8-nqgz"},{"vulnerability":"VCID-9ycy-t7cd-pye3"},{"vulnerability":"VCID-bq5u-wuuv-m7au"},{"vulnerability":"VCID-bvfr-4vcq-rubw"},{"vulnerability":"VCID-cgz5-kcvx-ayf6"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-j7d1-mrqm-nbgs"},{"vulnerability":"VCID-jktf-sads-m7ca"},{"vulnerability":"VCID-k829-sb45-hba9"},{"vulnerability":"VCID-njhm-y8we-sycj"},{"vulnerability":"VCID-p2fr-edcy-47ct"},{"vulnerability":"VCID-r7rk-5z6r-33a1"},{"vulnerability":"VCID-rv1r-zk1w-yufq"},{"vulnerability":"VCID-t2ub-9a69-dffv"},{"vulnerability":"VCID-tns7-5q71-2bhx"},{"vulnerability":"VCID-w2z8-sxzw-rugp"},{"vulnerability":"VCID-y4a2-mamb-yqg6"},{"vulnerability":"VCID-yr1r-w7n9-7ug3"},{"vulnerability":"VCID-zeqx-ex43-uba2"},{"vulnerability":"VCID-zme4-4qz2-ubhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jetty9@9.4.16-0%252Bdeb10u1"},{"url":"http://public2.vulnerablecode.io/api/packages/58428?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.37","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-195a-menm-97az"},{"vulnerability":"VCID-zme4-4qz2-ubhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.37"},{"url":"http://public2.vulnerablecode.io/api/packages/296868?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.37.v20210219","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-195a-menm-97az"},{"vulnerability":"VCID-3sgb-hpah-vqch"},{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-njhm-y8we-sycj"},{"vulnerability":"VCID-w2z8-sxzw-rugp"},{"vulnerability":"VCID-zme4-4qz2-ubhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.37.v20210219"},{"url":"http://public2.vulnerablecode.io/api/packages/80220?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.38.v20210224","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3sgb-hpah-vqch"},{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-njhm-y8we-sycj"},{"vulnerability":"VCID-w2z8-sxzw-rugp"},{"vulnerability":"VCID-zme4-4qz2-ubhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.38.v20210224"},{"url":"http://public2.vulnerablecode.io/api/packages/80225?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.39.v20210325","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-njhm-y8we-sycj"},{"vulnerability":"VCID-w2z8-sxzw-rugp"},{"vulnerability":"VCID-zme4-4qz2-ubhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.39.v20210325"},{"url":"http://public2.vulnerablecode.io/api/packages/529344?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.40.v20210413","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-njhm-y8we-sycj"},{"vulnerability":"VCID-w2z8-sxzw-rugp"},{"vulnerability":"VCID-zme4-4qz2-ubhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.40.v20210413"},{"url":"http://public2.vulnerablecode.io/api/packages/529345?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.41.v20210516","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-njhm-y8we-sycj"},{"vulnerability":"VCID-w2z8-sxzw-rugp"},{"vulnerability":"VCID-zme4-4qz2-ubhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.41.v20210516"},{"url":"http://public2.vulnerablecode.io/api/packages/529346?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.42.v20210604","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-njhm-y8we-sycj"},{"vulnerability":"VCID-w2z8-sxzw-rugp"},{"vulnerability":"VCID-zme4-4qz2-ubhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.42.v20210604"},{"url":"http://public2.vulnerablecode.io/api/packages/58429?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3sgb-hpah-vqch"},{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-njhm-y8we-sycj"},{"vulnerability":"VCID-w2z8-sxzw-rugp"},{"vulnerability":"VCID-zme4-4qz2-ubhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/80226?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-njhm-y8we-sycj"},{"vulnerability":"VCID-w2z8-sxzw-rugp"},{"vulnerability":"VCID-zme4-4qz2-ubhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/529348?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-njhm-y8we-sycj"},{"vulnerability":"VCID-w2z8-sxzw-rugp"},{"vulnerability":"VCID-zme4-4qz2-ubhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/529349?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-njhm-y8we-sycj"},{"vulnerability":"VCID-w2z8-sxzw-rugp"},{"vulnerability":"VCID-zme4-4qz2-ubhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/529350?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-njhm-y8we-sycj"},{"vulnerability":"VCID-w2z8-sxzw-rugp"},{"vulnerability":"VCID-zme4-4qz2-ubhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/58430?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-webapp@11.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3sgb-hpah-vqch"},{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-njhm-y8we-sycj"},{"vulnerability":"VCID-w2z8-sxzw-rugp"},{"vulnerability":"VCID-zme4-4qz2-ubhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-webapp@11.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/80227?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-webapp@11.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-njhm-y8we-sycj"},{"vulnerability":"VCID-w2z8-sxzw-rugp"},{"vulnerability":"VCID-zme4-4qz2-ubhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-webapp@11.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/529351?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-webapp@11.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-njhm-y8we-sycj"},{"vulnerability":"VCID-w2z8-sxzw-rugp"},{"vulnerability":"VCID-zme4-4qz2-ubhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-webapp@11.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/529352?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-webapp@11.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-njhm-y8we-sycj"},{"vulnerability":"VCID-w2z8-sxzw-rugp"},{"vulnerability":"VCID-zme4-4qz2-ubhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-webapp@11.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/529353?format=json","purl":"pkg:maven/org.eclipse.jetty/jetty-webapp@11.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3vps-uq7s-nfb7"},{"vulnerability":"VCID-gua7-n9ne-t3hk"},{"vulnerability":"VCID-njhm-y8we-sycj"},{"vulnerability":"VCID-w2z8-sxzw-rugp"},{"vulnerability":"VCID-zme4-4qz2-ubhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-webapp@11.0.5"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-34429.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-34429.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-34429","reference_id":"","reference_type":"","scores":[{"value":"0.93778","scoring_system":"epss","scoring_elements":"0.99865","published_at":"2026-06-05T12:55:00Z"},{"value":"0.93778","scoring_system":"epss","scoring_elements":"0.99864","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-34429"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34429","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34429"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/eclipse/jetty.project","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/eclipse/jetty.project"},{"reference_url":"https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.43.v20210629","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.43.v20210629"},{"reference_url":"https://github.com/eclipse/jetty.project/security/advisories/GHSA-vjv5-gp2w-65vm","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/eclipse/jetty.project/security/advisories/GHSA-vjv5-gp2w-65vm"},{"reference_url":"https://lists.apache.org/thread.html/r029c0c6833c8bb6acb094733fd7b75029d633f47a92f1c9d14391fc0@%3Cnotifications.zookeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r029c0c6833c8bb6acb094733fd7b75029d633f47a92f1c9d14391fc0@%3Cnotifications.zookeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r02f940c27e997a277ff14e79e84551382e1081e8978b417e0c2b0857@%3Ccommits.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r02f940c27e997a277ff14e79e84551382e1081e8978b417e0c2b0857@%3Ccommits.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0626f279ebf65506110a897e3a57ccd4072803ee5434b2503e070398@%3Ccommits.zookeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r0626f279ebf65506110a897e3a57ccd4072803ee5434b2503e070398@%3Ccommits.zookeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2a3ea27cca2ac7352d392b023b72e824387bc9ff16ba245ec663bdc6@%3Cissues.zookeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r2a3ea27cca2ac7352d392b023b72e824387bc9ff16ba245ec663bdc6@%3Cissues.zookeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2e32390cb7aedb39069e5b18aa130ca53e766258518faee63c31d3ea@%3Cnotifications.zookeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r2e32390cb7aedb39069e5b18aa130ca53e766258518faee63c31d3ea@%3Cnotifications.zookeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r3aefe613abce594c71ace50088d2529bbde65d08b8e7ff2c2723aaa1@%3Cdev.santuario.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r3aefe613abce594c71ace50088d2529bbde65d08b8e7ff2c2723aaa1@%3Cdev.santuario.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r3c55b0baa4dc38958ae147b2f216e212605f1071297f845e14477d36@%3Cissues.zookeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r3c55b0baa4dc38958ae147b2f216e212605f1071297f845e14477d36@%3Cissues.zookeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r44ea39ca8110de7353bfec88f58aa3aa58a42bb324b8772512ee190c@%3Ccommits.zookeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r44ea39ca8110de7353bfec88f58aa3aa58a42bb324b8772512ee190c@%3Ccommits.zookeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r46900f74dbb7d168aeac43bf0e7f64825376bb7eb74d31a5b33344ce@%3Cjira.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r46900f74dbb7d168aeac43bf0e7f64825376bb7eb74d31a5b33344ce@%3Cjira.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r46f748c1dc9cf9b6c1c18f6b5bfc3a869907f68f72e17666f2f30f24@%3Cnotifications.zookeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r46f748c1dc9cf9b6c1c18f6b5bfc3a869907f68f72e17666f2f30f24@%3Cnotifications.zookeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r4727d282b5c2d951057845a46065d59f6e33132edc0a14f41c26b01e@%3Cdev.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r4727d282b5c2d951057845a46065d59f6e33132edc0a14f41c26b01e@%3Cdev.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r48a93f2bc025acd7c7e341ed3864bfdeb75f0c768d41bc247e1a1f63@%3Cnotifications.zookeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r48a93f2bc025acd7c7e341ed3864bfdeb75f0c768d41bc247e1a1f63@%3Cnotifications.zookeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5678d994d4dd8e7c838eed3bbc1a83a7f6bc62724b0cce67e8892a45@%3Cnotifications.zookeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r5678d994d4dd8e7c838eed3bbc1a83a7f6bc62724b0cce67e8892a45@%3Cnotifications.zookeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r679d96f981d4c92724090ed2d5e8565a1d655a72bb315550489f052e@%3Cjira.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r679d96f981d4c92724090ed2d5e8565a1d655a72bb315550489f052e@%3Cjira.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r6e6f50c1ce1fb592cb43e913f5be23df104d50751465f8f1952ace0c@%3Cjira.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r6e6f50c1ce1fb592cb43e913f5be23df104d50751465f8f1952ace0c@%3Cjira.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r721ab6a5fa8d45bec76714b674f5d4caed2ebfeca69ad1d6d4caae6c@%3Cdev.hbase.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r721ab6a5fa8d45bec76714b674f5d4caed2ebfeca69ad1d6d4caae6c@%3Cdev.hbase.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r74fdc446df551fe89a0a16957a1bfdaad19380e0c1afd30625685a9c@%3Cjira.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r74fdc446df551fe89a0a16957a1bfdaad19380e0c1afd30625685a9c@%3Cjira.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r756443e9d50af7e8c3df82e2c45105f452c8e8195ddbc0c00f58d5fe@%3Ccommits.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r756443e9d50af7e8c3df82e2c45105f452c8e8195ddbc0c00f58d5fe@%3Ccommits.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r763840320a80e515331cbc1e613fa93f25faf62e991974171a325c82@%3Cdev.zookeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r763840320a80e515331cbc1e613fa93f25faf62e991974171a325c82@%3Cdev.zookeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7dd079fa0ac6f47ba1ad0af98d7d0276547b8a4e005f034fb1016951@%3Cissues.zookeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r7dd079fa0ac6f47ba1ad0af98d7d0276547b8a4e005f034fb1016951@%3Cissues.zookeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r833a4c8bdbbfeb8a2cd38238e7b59f83edd5c1a0e508b587fc551a46@%3Cissues.hbase.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r833a4c8bdbbfeb8a2cd38238e7b59f83edd5c1a0e508b587fc551a46@%3Cissues.hbase.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8e6c116628c1277c3cf132012a66c46a0863fa2a3037c0707d4640d4@%3Cissues.zookeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r8e6c116628c1277c3cf132012a66c46a0863fa2a3037c0707d4640d4@%3Cissues.zookeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r90e7b4c42a96d74c219e448bee6a329ab0cd3205c44b63471d96c3ab@%3Cissues.zookeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r90e7b4c42a96d74c219e448bee6a329ab0cd3205c44b63471d96c3ab@%3Cissues.zookeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9d245c6c884bbc804a472116d730c1a01676bf24f93206a34923fc64@%3Ccommits.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r9d245c6c884bbc804a472116d730c1a01676bf24f93206a34923fc64@%3Ccommits.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e6158d72ef25077c2dc59fbddade2eacf7d259a2556c97a989f2fe8@%3Ccommits.pulsar.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r9e6158d72ef25077c2dc59fbddade2eacf7d259a2556c97a989f2fe8@%3Ccommits.pulsar.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb33d65c3e5686f2e3b9bb8a032a44163b2f2ad9d31a8727338f213c1@%3Ccommits.pulsar.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rb33d65c3e5686f2e3b9bb8a032a44163b2f2ad9d31a8727338f213c1@%3Ccommits.pulsar.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc26807be68748b3347decdcd03ae183622244b0b4cb09223d4b7e500@%3Ccommits.pulsar.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rc26807be68748b3347decdcd03ae183622244b0b4cb09223d4b7e500@%3Ccommits.pulsar.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcb157f55b9ae41b3076801de927c6fca1669c6d8eaf11a9df5dbeb46@%3Cnotifications.zookeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rcb157f55b9ae41b3076801de927c6fca1669c6d8eaf11a9df5dbeb46@%3Cnotifications.zookeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcea249eb7a0d243f21696e4985de33f3780399bf7b31ea1f6d489b8b@%3Cissues.zookeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rcea249eb7a0d243f21696e4985de33f3780399bf7b31ea1f6d489b8b@%3Cissues.zookeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re01890eef49d4201018f2c97e26536e3e75f441ecdbcf91986c3bc17@%3Cjira.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/re01890eef49d4201018f2c97e26536e3e75f441ecdbcf91986c3bc17@%3Cjira.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3de01414ccf682fe0951205f806dd8e94440798fd64c55a4941de3e@%3Cjira.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/re3de01414ccf682fe0951205f806dd8e94440798fd64c55a4941de3e@%3Cjira.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re5e9bb535db779506013ef8799dc2a299e77cdad6668aa94c456dba6@%3Cjira.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/re5e9bb535db779506013ef8799dc2a299e77cdad6668aa94c456dba6@%3Cjira.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re850203ef8700cb826534dd4a1cb9f5b07bb8f6f973b39ff7838d3ba@%3Cissues.hbase.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/re850203ef8700cb826534dd4a1cb9f5b07bb8f6f973b39ff7838d3ba@%3Cissues.hbase.apache.org%3E"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210819-0006","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20210819-0006"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2022.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2022.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujan2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1985223","reference_id":"1985223","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1985223"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991188","reference_id":"991188","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991188"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/webapps/50478.txt","reference_id":"CVE-2021-34429","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/webapps/50478.txt"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-34429","reference_id":"CVE-2021-34429","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-34429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3700","reference_id":"RHSA-2021:3700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0138","reference_id":"RHSA-2022:0138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0138"}],"weaknesses":[{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":200,"name":"Exposure of Sensitive Information to an Unauthorized Actor","description":"The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information."},{"cwe_id":551,"name":"Incorrect Behavior Order: Authorization Before Parsing and Canonicalization","description":"If a web server does not fully parse requested URLs before it examines them for authorization, it may be possible for an attacker to bypass authorization protection."},{"cwe_id":863,"name":"Incorrect Authorization","description":"The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions."}],"exploits":[{"date_added":"2021-11-03","description":"Eclipse Jetty 11.0.5 - Sensitive File Disclosure","required_action":null,"due_date":null,"notes":null,"known_ransomware_campaign_use":false,"source_date_published":"2021-11-03","exploit_type":"webapps","platform":"java","source_date_updated":"2021-11-03","data_source":"Exploit-DB","source_url":""},{"date_added":null,"description":"Jetty suffers from a vulnerability where certain encoded URIs and ambiguous paths can access\n          protected files in the WEB-INF folder. Versions effected are:\n          9.4.37.v20210219, 9.4.38.v20210224 and 9.4.37-9.4.42, 10.0.1-10.0.5, 11.0.1-11.0.5.\n          Exploitation can obtain any file in the WEB-INF folder, but web.xml is most likely\n          to have information of value.","required_action":null,"due_date":null,"notes":"Stability:\n  - crash-safe\nReliability: []\nSideEffects:\n  - ioc-in-logs\n","known_ransomware_campaign_use":false,"source_date_published":"2021-07-15","exploit_type":null,"platform":"","source_date_updated":null,"data_source":"Metasploit","source_url":"https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/gather/jetty_web_inf_disclosure.rb"}],"severity_range_score":"4.0 - 6.9","exploitability":"2.0","weighted_severity":"6.2","risk_score":10.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zme4-4qz2-ubhk"}