fkie_cve-2019-10241
Vulnerability from fkie_nvd
Published
2019-04-22 20:29
Modified
2024-11-21 04:18
Severity ?
Summary
In Eclipse Jetty version 9.2.26 and older, 9.3.25 and older, and 9.4.15 and older, the server is vulnerable to XSS conditions if a remote client USES a specially formatted URL against the DefaultServlet or ResourceHandler that is configured for showing a Listing of directory contents.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.0:20140523:*:*:*:*:*:*",
"matchCriteriaId": "D3DBA476-4CBF-457E-B34B-38D363A61FF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.0:20140526:*:*:*:*:*:*",
"matchCriteriaId": "617652B0-AE6D-40F2-862F-22461469C44B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.0:maintenance_0:*:*:*:*:*:*",
"matchCriteriaId": "4741E336-4C6C-4ACA-A7DC-93ED7AF5D0A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.0:maintenance_1:*:*:*:*:*:*",
"matchCriteriaId": "693C2BDC-B0BA-41C1-8417-A011356E299B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.0:rc0:*:*:*:*:*:*",
"matchCriteriaId": "EFDEBE0B-A00A-45B1-9696-EF15CE33D78E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.1:20140609:*:*:*:*:*:*",
"matchCriteriaId": "4B821618-500F-4D53-8074-52594B205920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.2:20140723:*:*:*:*:*:*",
"matchCriteriaId": "468677A7-4F49-441A-B395-2E91A23DB315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.3:20140905:*:*:*:*:*:*",
"matchCriteriaId": "7C6795DC-F74D-4FA5-8101-5EBA1F6C40B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.4:20141103:*:*:*:*:*:*",
"matchCriteriaId": "1608313D-051E-404A-8EA4-FA9AE85986C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.5:20141112:*:*:*:*:*:*",
"matchCriteriaId": "924C49E5-E895-4FFA-BFBF-FD35F1D387A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.6:20141203:*:*:*:*:*:*",
"matchCriteriaId": "85511393-A06D-49E1-A337-F907460202E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.6:20141205:*:*:*:*:*:*",
"matchCriteriaId": "171A1985-6507-4FF9-82CA-3A563DD6BB58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.7:20150116:*:*:*:*:*:*",
"matchCriteriaId": "B808093F-84D9-47E8-A073-1ABE9876ECBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.8:20150217:*:*:*:*:*:*",
"matchCriteriaId": "1A9F7AC1-7749-4366-9A8D-8295E67F6F6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.9:20150224:*:*:*:*:*:*",
"matchCriteriaId": "9A77B21A-B792-406D-B595-A04F2072B845",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.10:20150310:*:*:*:*:*:*",
"matchCriteriaId": "AFE9FE53-313D-421D-829B-DC10CF445E77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.11:20150528:*:*:*:*:*:*",
"matchCriteriaId": "647AF59D-9439-4CF3-B3FF-F9349DF2D87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.11:20150529:*:*:*:*:*:*",
"matchCriteriaId": "C4469A39-4BA5-4F39-8F89-406ADDF71403",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.11:maintenance_0:*:*:*:*:*:*",
"matchCriteriaId": "F0629B5B-D242-4835-B9DB-24C94844EE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.12:20150709:*:*:*:*:*:*",
"matchCriteriaId": "2E9D6731-E22A-4F17-BEB8-9F9993C54136",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.12:maintenance_0:*:*:*:*:*:*",
"matchCriteriaId": "BD85DBCD-F62F-444F-B4D6-7462AC4E3CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.13:20150730:*:*:*:*:*:*",
"matchCriteriaId": "F545A49C-86D9-47EF-8B01-855B63B8412E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.14:20151106:*:*:*:*:*:*",
"matchCriteriaId": "15F53024-1B27-4F74-BCAE-5160D5C97AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.15:20160210:*:*:*:*:*:*",
"matchCriteriaId": "1E6B55AB-3432-4D3B-8EFB-5E9B95D2CAC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.16:20160407:*:*:*:*:*:*",
"matchCriteriaId": "E6A7426D-8CE9-4A74-9C91-CBC9E2A71D1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.16:20160414:*:*:*:*:*:*",
"matchCriteriaId": "3E1A8929-6122-47D4-A166-26CC4D93E47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.17:20160517:*:*:*:*:*:*",
"matchCriteriaId": "1D612C4F-5728-4BC8-B546-70F40857A244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.18:20160721:*:*:*:*:*:*",
"matchCriteriaId": "A77A4E1D-F90A-4F60-BA5D-94D32C9A24E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.19:20160908:*:*:*:*:*:*",
"matchCriteriaId": "7F158635-FC7A-4FCF-8FCD-92749DEABEF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.20:20161216:*:*:*:*:*:*",
"matchCriteriaId": "70D77072-129D-411A-B05A-40E33A9B6234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.21:20170120:*:*:*:*:*:*",
"matchCriteriaId": "8A43FFDF-7C66-4474-AD85-A5E55C8AE00D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.22:20170606:*:*:*:*:*:*",
"matchCriteriaId": "54CB12A0-45F2-458F-91AE-EE78DD5B0A0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.23:20171218:*:*:*:*:*:*",
"matchCriteriaId": "8C145C68-565E-4276-A3C6-F19F0B1A586F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.24:20180105:*:*:*:*:*:*",
"matchCriteriaId": "AE5E071A-E847-4BEB-A72D-5DAF66016642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.25:20180606:*:*:*:*:*:*",
"matchCriteriaId": "BC93C60A-8D2E-44F9-B5E6-BCCEC8239B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.2.26:20180806:*:*:*:*:*:*",
"matchCriteriaId": "0A86E93C-7941-4105-83C5-9BD51683AA4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.0:20150601:*:*:*:*:*:*",
"matchCriteriaId": "7E548698-6582-4598-A832-B64483B8D2D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.0:20150608:*:*:*:*:*:*",
"matchCriteriaId": "14AA2E29-F543-4B80-B8DD-F76187E63A3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.0:20150612:*:*:*:*:*:*",
"matchCriteriaId": "9B74BDCF-AF80-4679-8915-7D01E90BF4D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.0:maintenance0:*:*:*:*:*:*",
"matchCriteriaId": "580A8553-56D1-41F3-A8A9-5698D3FA7F12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.0:maintenance1:*:*:*:*:*:*",
"matchCriteriaId": "C2784485-FE0D-454D-B4EC-9F91EE396AB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.0:maintenance2:*:*:*:*:*:*",
"matchCriteriaId": "C0AD7F68-96BD-442F-BC36-091D19BC1AC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.0:rc0:*:*:*:*:*:*",
"matchCriteriaId": "34269139-FB46-4EF8-BE3A-7B130F25B5E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "77FD0118-11CC-41AB-9B12-030B1F6F8EBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.1:20150714:*:*:*:*:*:*",
"matchCriteriaId": "A4D8788C-C718-479B-B441-B3C40F261CE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.2:20150730:*:*:*:*:*:*",
"matchCriteriaId": "EFB22D92-F41A-4C35-8FD6-1A57E9A25132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.3:20150825:*:*:*:*:*:*",
"matchCriteriaId": "58368FE2-71A7-470B-A918-E5DB97EE5176",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.3:20150827:*:*:*:*:*:*",
"matchCriteriaId": "7D6CC58E-E40C-4D7A-B0EC-CDB5831FDA78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.4:20151005:*:*:*:*:*:*",
"matchCriteriaId": "612EB189-F829-4426-90CE-EBD75F91E652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.4:20151007:*:*:*:*:*:*",
"matchCriteriaId": "51C4F42E-99CE-4D4B-89B2-E43EE85FDE2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.4:rc0:*:*:*:*:*:*",
"matchCriteriaId": "2D040A9F-5FE2-48DB-BD7D-83DDB4CE8B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "AD6F208D-C7B2-4C3C-9FF7-6BF6618D2DCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.5:20151012:*:*:*:*:*:*",
"matchCriteriaId": "56472E25-401A-411D-9A13-3EAB65025DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.6:20151106:*:*:*:*:*:*",
"matchCriteriaId": "525AC31D-F470-4E09-88D8-261FFEA88C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.7:20160115:*:*:*:*:*:*",
"matchCriteriaId": "A5B32089-B410-4D62-8751-8341CC696F40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.7:rc0:*:*:*:*:*:*",
"matchCriteriaId": "327C5D1A-2CB7-4F0C-B0CB-4D8CBB068D77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E70AB03E-BE50-43B1-B6BA-BFEFFEE73D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.8:20160311:*:*:*:*:*:*",
"matchCriteriaId": "9781FB3C-386A-4CB8-B330-B707E8F56F55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.8:20160314:*:*:*:*:*:*",
"matchCriteriaId": "880FD5EC-D796-4232-B587-A99F80FDB68E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.8:rc0:*:*:*:*:*:*",
"matchCriteriaId": "DEB8AEEB-77E4-41E7-A097-2A3DE29DF89B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.9:20160517:*:*:*:*:*:*",
"matchCriteriaId": "D52DFC06-3B44-4675-B7BA-18535B1499C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.9:maintenance_0:*:*:*:*:*:*",
"matchCriteriaId": "83292226-E45E-4B13-963B-36FE18815939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.9:maintenance_1:*:*:*:*:*:*",
"matchCriteriaId": "1A5D6F9A-3326-4C74-932D-DDE4AD900D1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.10:20160621:*:*:*:*:*:*",
"matchCriteriaId": "FC9739B3-070C-4D1D-BD44-E16DC23D5F3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.10:maintenance_0:*:*:*:*:*:*",
"matchCriteriaId": "E6C07F9D-27C0-4A56-97EE-D0392CFEEB96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.11:20160721:*:*:*:*:*:*",
"matchCriteriaId": "0B466BB1-D312-4F4A-9A96-1F88620A970D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.11:maintenance_0:*:*:*:*:*:*",
"matchCriteriaId": "A0279CFA-12F5-4D73-9136-3EC240F14107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.12:20160915:*:*:*:*:*:*",
"matchCriteriaId": "47C060B9-CEED-4D24-BC47-FE1AF604A72C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.13:20161014:*:*:*:*:*:*",
"matchCriteriaId": "AF745A33-0FEF-47E6-B549-8349C6D63B3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.13:maintenance_0:*:*:*:*:*:*",
"matchCriteriaId": "39C85CB4-BC76-4E2D-B7FF-72EAF85DA40F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.14:20161028:*:*:*:*:*:*",
"matchCriteriaId": "363C327A-B383-4D07-9442-55254D3284E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.15:20161220:*:*:*:*:*:*",
"matchCriteriaId": "BDCF78F5-AC04-4F98-A57B-0C60C184589A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.16:20170119:*:*:*:*:*:*",
"matchCriteriaId": "B655ED4D-1A48-414B-AD5B-AC08644CE7E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.16:20170120:*:*:*:*:*:*",
"matchCriteriaId": "516E3314-C528-4DEF-B673-829094612C05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.17:20170317:*:*:*:*:*:*",
"matchCriteriaId": "384F3A83-DDD5-4DC2-8257-F3A14BFD79E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.17:rc0:*:*:*:*:*:*",
"matchCriteriaId": "2688CA0E-2A36-4BAA-88CA-CA00DDA276EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.18:20170406:*:*:*:*:*:*",
"matchCriteriaId": "6482DF67-9178-409D-A522-68ACF3D08208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.19:20170502:*:*:*:*:*:*",
"matchCriteriaId": "FEC43E92-04B8-4F90-82C8-6DD2255B2652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.20:20170531:*:*:*:*:*:*",
"matchCriteriaId": "3BEF4B04-1014-400E-8EAA-EA3DFE968D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.21:20170918:*:*:*:*:*:*",
"matchCriteriaId": "1C6FD95B-FDFA-412D-BCF7-A17EA87DFA0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.21:maintenance_0:*:*:*:*:*:*",
"matchCriteriaId": "C1547494-C1A0-4755-8C0F-53F4084A1ADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.21:rc0:*:*:*:*:*:*",
"matchCriteriaId": "0220E37B-EEBC-4641-AD1C-245DC249F51B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.22:20171030:*:*:*:*:*:*",
"matchCriteriaId": "CCCC8914-C758-4312-8AA2-B466D5B6C00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.23:20180228:*:*:*:*:*:*",
"matchCriteriaId": "31A2B1C1-A27E-4479-B2AB-B2B37BC3CCD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.24:20180605:*:*:*:*:*:*",
"matchCriteriaId": "E449FD93-CD5D-4896-9CE1-DB42BB83A071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.3.25:20180904:*:*:*:*:*:*",
"matchCriteriaId": "271F17A5-5808-4EFB-BE1B-47A38FEA1013",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.0:20161207:*:*:*:*:*:*",
"matchCriteriaId": "ED6F20D8-2C63-47BD-886B-0684EEF89FF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.0:20161208:*:*:*:*:*:*",
"matchCriteriaId": "B12BEFDE-9FB2-42E9-9638-F459FE274935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.0:20180619:*:*:*:*:*:*",
"matchCriteriaId": "3B755E3B-A128-436E-8EE7-98C7F9194D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.0:maintenance_0:*:*:*:*:*:*",
"matchCriteriaId": "B8029B2F-D88D-4BB3-9BD2-54EE034A0C18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.0:maintenance_1:*:*:*:*:*:*",
"matchCriteriaId": "9CBDC30D-02D8-4DD2-A0B7-50BCCBAC8A6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.0:rc0:*:*:*:*:*:*",
"matchCriteriaId": "C2560BAF-E379-477A-BF68-C836543920C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8BD9164B-4AB4-450C-B3D9-1F14C15ABE67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A59914E6-D3B8-4289-BE31-0AD2EDC81E85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "430CDEEE-28CE-4712-AF95-6790775C4028",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.1:20170120:*:*:*:*:*:*",
"matchCriteriaId": "A748119F-A5A1-4428-9BC0-1A8BE09C975C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.1:20180619:*:*:*:*:*:*",
"matchCriteriaId": "0BC5B393-9BD4-4C26-95D8-50A81CBFF0C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.2:20170220:*:*:*:*:*:*",
"matchCriteriaId": "09CE1987-E5E5-4F54-BC6E-245F4F02EA60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.2:20180619:*:*:*:*:*:*",
"matchCriteriaId": "E3D958FD-DD4D-4732-BE86-7E254E1AAE0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.3:20170317:*:*:*:*:*:*",
"matchCriteriaId": "A266E261-7C7D-4C1D-BE6D-81FC5D85886D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.3:20180619:*:*:*:*:*:*",
"matchCriteriaId": "35251CD8-A1E6-445C-8D5F-9ABC61D84B35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.4:20170410:*:*:*:*:*:*",
"matchCriteriaId": "51115706-5A47-4ABF-AC19-274FFEC6C055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.4:20170414:*:*:*:*:*:*",
"matchCriteriaId": "A0F44C93-7916-49FC-93C5-C215D6C279BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.4:20180619:*:*:*:*:*:*",
"matchCriteriaId": "E2F9C9C5-0196-4B28-BB68-344E6DBE189A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.5:20170502:*:*:*:*:*:*",
"matchCriteriaId": "AFCB17E7-B40B-49B9-9353-EE06FC9C08E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.5:20180619:*:*:*:*:*:*",
"matchCriteriaId": "9C917FAC-2489-4B2D-89A6-CF9E47B6983D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.6:20170531:*:*:*:*:*:*",
"matchCriteriaId": "16872138-6AF5-418F-998F-1220DA602AE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.6:20180619:*:*:*:*:*:*",
"matchCriteriaId": "3211336E-0EE6-4676-AEFA-A778176C0ECE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.7:20170914:*:*:*:*:*:*",
"matchCriteriaId": "387ABF04-9630-4016-B627-E35547970637",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.7:20180619:*:*:*:*:*:*",
"matchCriteriaId": "8346B11B-55C9-4043-AF27-138CFCC64850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.7:rc0:*:*:*:*:*:*",
"matchCriteriaId": "031909CF-1F8B-494A-9A0A-E6B88ECD9E2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.8:20171121:*:*:*:*:*:*",
"matchCriteriaId": "965AEAF6-AC84-4745-9707-BBB515C80FB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.8:20180619:*:*:*:*:*:*",
"matchCriteriaId": "502FFF92-072B-451A-ADA8-5FCA59362C47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.9:20180320:*:*:*:*:*:*",
"matchCriteriaId": "59E72F2E-48C8-410C-BC9D-732F6E22BA27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.10:20180503:*:*:*:*:*:*",
"matchCriteriaId": "0DA38E7D-AB43-4384-A78E-820B46093345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.10:rc0:*:*:*:*:*:*",
"matchCriteriaId": "94C62E25-9929-46E0-8712-2D84DB9811ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "5BCC2C7E-C8AA-48B2-9F14-5CD8E824B5AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.11:20180605:*:*:*:*:*:*",
"matchCriteriaId": "57480EC4-3D0F-4AD6-BC9C-162702C58336",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.12:20180830:*:*:*:*:*:*",
"matchCriteriaId": "B403CD58-F0F3-4A1E-BBAC-E33B44AD4746",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.12:rc0:*:*:*:*:*:*",
"matchCriteriaId": "BC51FEF3-CF6C-4C67-B40C-825DA7B7AC07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "492760AF-E6C3-490B-B3E9-F354BAFA9B7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "788DD7CA-B34B-4036-86BB-80A9361BE4C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.13:20181111:*:*:*:*:*:*",
"matchCriteriaId": "0634647A-003A-4AE2-8A1E-1220BB949EA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.14:20181114:*:*:*:*:*:*",
"matchCriteriaId": "C077D8E8-BF51-4365-8067-AF88C60BFFC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.15:20190215:*:*:*:*:*:*",
"matchCriteriaId": "38250370-0B8F-4C3A-8309-19EFE912C7A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:activemq:5.15.9:*:*:*:*:*:*:*",
"matchCriteriaId": "70B11FEF-4CBF-4483-A5BD-CDA5AFAE52AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:drill:1.16.0:*:*:*:*:*:*:*",
"matchCriteriaId": "235DC57F-22B8-4219-9499-7D005D90A654",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:flexcube_core_banking:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EC0B307-B9D2-497B-81CF-B435ABFB1CFA",
"versionEndIncluding": "11.7.0",
"versionStartIncluding": "11.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:flexcube_core_banking:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEFE7E72-D419-4040-81AB-B4934C13909F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:*",
"matchCriteriaId": "36FC547E-861A-418C-A314-DA09A457B13A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:*",
"matchCriteriaId": "DF9FEE51-50E3-41E9-AA0D-272A640F85CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:*",
"matchCriteriaId": "E69E905F-2E1A-4462-9082-FF7B10474496",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:*",
"matchCriteriaId": "0F9B692C-8986-4F91-9EF4-2BB1E3B5C133",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A0ED83E3-E6BF-4EAA-AF8F-33485A88A218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11DA6839-849D-4CEF-85F3-38FE75E07183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE78490-A4BE-40BD-8C72-0A4526BBD4A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "55AE3629-4A66-49E4-A33D-6D81CC94962F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Eclipse Jetty version 9.2.26 and older, 9.3.25 and older, and 9.4.15 and older, the server is vulnerable to XSS conditions if a remote client USES a specially formatted URL against the DefaultServlet or ResourceHandler that is configured for showing a Listing of directory contents."
},
{
"lang": "es",
"value": "Eclipse Jetty versiones 9.2.26 y anteriores, 9.3.25 y anteriores, 9.3.25 y anteriores, y 9.4.15 y anteriores. El servidor es vulnerable a un Cross-Site Scripting (XSS) si un cliente remoto emplea una URL especialmente formada contra el DefaultServlet o ResourceHandler que est\u00e9 configurado para mostrar un listado del contenido de los directorios."
}
],
"id": "CVE-2019-10241",
"lastModified": "2024-11-21T04:18:43.417",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-22T20:29:00.243",
"references": [
{
"source": "emo@eclipse.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=546121"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/01e004c3f7c7365863a27e7038b7f32dae56ccf3a496b277c9b7f7b6%40%3Cjira.kafka.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/464892b514c029dfc0c8656a93e1c0de983c473df70fdadbd224e09f%40%3Cjira.kafka.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/8bff534863c7aaf09bb17c3d0532777258dd3a5c7ddda34198cc2742%40%3Cdev.kafka.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/ac51944aef91dd5006b8510b0bef337adaccfe962fb90e7af9c22db4%40%3Cissues.activemq.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/bcfb37bfba7b3d7e9c7808b5e5a38a98d6bb714d52cf5162bdd48e32%40%3Cjira.kafka.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/d7c4a664a34853f57c2163ab562f39802df5cf809523ea40c97289c1%40%3Cdev.kafka.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html"
},
{
"source": "emo@eclipse.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190509-0003/"
},
{
"source": "emo@eclipse.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4949"
},
{
"source": "emo@eclipse.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"source": "emo@eclipse.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=546121"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/01e004c3f7c7365863a27e7038b7f32dae56ccf3a496b277c9b7f7b6%40%3Cjira.kafka.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/464892b514c029dfc0c8656a93e1c0de983c473df70fdadbd224e09f%40%3Cjira.kafka.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/8bff534863c7aaf09bb17c3d0532777258dd3a5c7ddda34198cc2742%40%3Cdev.kafka.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/ac51944aef91dd5006b8510b0bef337adaccfe962fb90e7af9c22db4%40%3Cissues.activemq.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/bcfb37bfba7b3d7e9c7808b5e5a38a98d6bb714d52cf5162bdd48e32%40%3Cjira.kafka.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/d7c4a664a34853f57c2163ab562f39802df5cf809523ea40c97289c1%40%3Cdev.kafka.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190509-0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4949"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
}
],
"sourceIdentifier": "emo@eclipse.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "emo@eclipse.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…