Known Vulnerabilities for products from Mortbay
Listed below are 11 of the newest known vulnerabilities associated with the vendor "Mortbay".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2011-4461 json | Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisio... | 5.3 - MEDIUM | 2011-12-30 | 2019-03-08 |
| CVE-2009-5049 json | WebApp JSP Snoop page XSS in jetty though 6.1.21. | 6.1 - MEDIUM | 2019-11-06 | 2019-11-08 |
| CVE-2009-5048 json | Cookie Dump Servlet stored XSS vulnerability in jetty though 6.1.20. | 6.1 - MEDIUM | 2019-11-06 | 2019-11-07 |
| CVE-2009-4612 json | Multiple cross-site scripting (XSS) vulnerabilities in the WebApp JSP Snoop page in Mort Bay Jetty 6.1.x through 6.1.21 allow... | Not Provided | 2010-01-13 | 2026-04-23 |
| CVE-2009-4611 json | Mort Bay Jetty 6.x through 6.1.22 and 7.0.0 writes backtrace data without sanitizing non-printable characters, which might al... | Not Provided | 2010-01-13 | 2026-04-23 |
| CVE-2009-4610 json | Multiple cross-site scripting (XSS) vulnerabilities in Mort Bay Jetty 6.x and 7.0.0 allow remote attackers to inject arbitrar... | Not Provided | 2010-01-13 | 2026-04-23 |
| CVE-2009-4609 json | The Dump Servlet in Mort Bay Jetty 6.x and 7.0.0 allows remote attackers to obtain sensitive information about internal varia... | Not Provided | 2010-01-13 | 2026-04-23 |
| CVE-2009-3579 json | Cross-site scripting (XSS) vulnerability in the CookieDump.java sample application in Mort Bay Jetty 6.1.19 and 6.1.20 allows... | Not Provided | 2009-10-07 | 2026-04-23 |
| CVE-2009-1524 json | Cross-site scripting (XSS) vulnerability in Mort Bay Jetty before 6.1.17 allows remote attackers to inject arbitrary web scri... | Not Provided | 2009-05-05 | 2026-04-23 |
| CVE-2009-1523 json | Directory traversal vulnerability in the HTTP server in Mort Bay Jetty 5.1.14, 6.x before 6.1.17, and 7.x through 7.0.0.M2 al... | Not Provided | 2009-05-05 | 2026-04-23 |
| CVE-2005-3747 json | Unspecified vulnerability in Jetty before 5.1.6 allows remote attackers to obtain source code of JSP pages, possibly involvin... | Not Provided | 2005-11-22 | 2025-04-03 |
Known software with vulnerabilities from Mortbay
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Mortbay | Jetty | 1.0 |