Jetty : Security Vulnerabilities, CVEs, (Directory traversal)
Directory traversal vulnerability in jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary files via a %2e%2e%5c (encoded ../) in the URL. NOTE: this might be the same issue as CVE-2005-3747.
Max CVSS
5.0
EPSS Score
0.44%
Published
2006-06-02
Updated
2008-09-05
Directory traversal vulnerability in the CGIServlet for Jetty HTTP server before 4.1.0 allows remote attackers to execute arbitrary commands via ..\ (dot-dot backslash) sequences in an HTTP request to the cgi-bin directory.
Max CVSS
5.0
EPSS Score
1.62%
Published
2002-10-11
Updated
2016-10-18
2 vulnerabilities found