Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1xbWdqLTVoNzUtanI2N82FRA
Jetty Directory Traversal Vulnerability
Directory traversal vulnerability in jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary files via a %2e%2e%5c
(encoded ../
) in the URL. NOTE: this might be the same issue as CVE-2005-3747.
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1xbWdqLTVoNzUtanI2N82FRA
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: about 2 years ago
Updated: 3 months ago
Identifiers: GHSA-qmgj-5h75-jr67, CVE-2006-2758
References:
- https://nvd.nist.gov/vuln/detail/CVE-2006-2758
- https://web.archive.org/web/20200302050157/http://securitytracker.com/id?1016168
- https://github.com/advisories/GHSA-qmgj-5h75-jr67
Affected Packages
maven:org.mortbay.jetty:jetty
Dependent packages: 1,149Dependent repositories: 15,554
Downloads:
Affected Version Ranges: <= 6.0.beta16
No known fixed version
All affected versions: