Описание
In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server running on Windows is vulnerable to exposure of the fully qualified Base Resource directory name on Windows to a remote client when it is configured for showing a Listing of directory contents. This information reveal is restricted to only the content in the configured base resource directories.
Ссылки
- Issue TrackingVendor Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Issue TrackingVendor Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Одновременно
Одно из
Одно из
Одно из
EPSS
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
Связанные уязвимости
In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server running on Windows is vulnerable to exposure of the fully qualified Base Resource directory name on Windows to a remote client when it is configured for showing a Listing of directory contents. This information reveal is restricted to only the content in the configured base resource directories.
In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server running on Windows is vulnerable to exposure of the fully qualified Base Resource directory name on Windows to a remote client when it is configured for showing a Listing of directory contents. This information reveal is restricted to only the content in the configured base resource directories.
In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server runnin ...
Information Exposure vulnerability in Eclipse Jetty
Уязвимость контейнера сервлетов Eclipse Jetty, связанная с отсутствием защиты служебных данных, позволяющая нарушителю раскрыть защищаемую информацию
EPSS
5.3 Medium
CVSS3
5 Medium
CVSS2