Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS1xbWdqLTVoNzUtanI2N82FRA

Jetty Directory Traversal Vulnerability

Directory traversal vulnerability in jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary files via a %2e%2e%5c (encoded ../) in the URL. NOTE: this might be the same issue as CVE-2005-3747.

Permalink: https://github.com/advisories/GHSA-qmgj-5h75-jr67
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1xbWdqLTVoNzUtanI2N82FRA
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: almost 2 years ago
Updated: 2 months ago


Identifiers: GHSA-qmgj-5h75-jr67, CVE-2006-2758
References: Blast Radius: 0.0

Affected Packages

maven:org.mortbay.jetty:jetty
Dependent packages: 1,149
Dependent repositories: 15,554
Downloads:
Affected Version Ranges: <= 6.0.beta16
No known fixed version
All affected versions: