Lucene search
GoogleOSV:GHSA-FVH3-4V5R-CVVCHistoryMay 01, 2022 - 6:35 p.m.
Improper Authentication in Mortbay Jetty
2022-05-0118:35:01
Google
osv.dev
23
mortbay jetty
improper authentication
html cookie parameters
remote attackers
browser sessions
EPSS
0.03
Percentile
91.1%
Mortbay Jetty before 6.1.6rc1 does not properly handle “certain quote sequences” in HTML cookie parameters, which allows remote attackers to hijack browser sessions via unspecified vectors.
Related
cvelist
cvelist
CVE-2007-5614
2007-12-05 11:00:00
cve
cve
CVE-2007-5614
2007-12-05 11:46:00
github
github
Improper Authentication in Mortbay Jetty
2022-05-01 18:35:01
redhatcve
redhatcve
CVE-2007-5614
2019-10-04 21:10:06
veracode
veracode
Session Hijacking
2018-11-15 01:29:46
prion
prion
Hardcoded credentials
2007-12-05 11:46:00
nvd
nvd
CVE-2007-5614
2007-12-05 11:46:00
cert
cert
Mortbay Jetty fails to properly handle cookies with quotes
2007-12-04 00:00:00
openvas
openvas
Fedora Update for jetty FEDORA-2008-6164
2009-02-17 00:00:00
Fedora Update for jetty FEDORA-2008-6141
2009-02-17 00:00:00
FreeBSD Ports: jetty
2008-09-04 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: jetty-5.1.14-1jpp.2.fc9
2008-07-06 06:16:00
[SECURITY] Fedora 8 Update: jetty-5.1.14-1jpp.1.fc8
2008-07-06 06:17:49
freebsd
freebsd
jetty -- multiple vulnerabilities
2007-12-05 00:00:00
nessus
nessus
FreeBSD : jetty -- multiple vulnerabilities (6ae7cef2-a6ae-11dc-95e6-000c29c5647f)
2007-12-11 00:00:00
Fedora 9 : jetty-5.1.14-1jpp.2.fc9 (2008-6141)
2008-07-08 00:00:00
Fedora 8 : jetty-5.1.14-1jpp.1.fc8 (2008-6164)
2008-07-08 00:00:00