Vulnerability Name: CVE-2019-10241 (CCN-160676) Assigned: 2019-04-22 Published: 2019-04-22 Updated: 2022-04-22 Summary: In Eclipse Jetty version 9.2.26 and older, 9.3.25 and older, and 9.4.15 and older, the server is vulnerable to XSS conditions if a remote client USES a specially formatted URL against the DefaultServlet or ResourceHandler that is configured for showing a Listing of directory contents. CVSS v3 Severity: 6.1 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 5.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:H/RL:O/RC:C Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): RequiredScope: Scope (S): ChangedImpact Metrics: Confidentiality (C): LowIntegrity (I): LowAvailibility (A): None
6.1 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 5.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:H/RL:O/RC:C Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): RequiredScope: Scope (S): ChangedImpact Metrics: Confidentiality (C): LowIntegrity (I): LowAvailibility (A): None
CVSS v2 Severity: 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): PartialAvailibility (A): None
5.5 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): Single_InstanceImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): None
Vulnerability Type: CWE-79 Vulnerability Consequences: Cross-Site Scripting References: Source: MITRECVE-2019-10241 (CVE-2019-10241) - Jetty CVE Request: DefaultServlet / ResourceHandler XSS https://bugs.eclipse.org/bugs/show_bug.cgi?id=546121 eclipse-cve201910241-xss(160676) [kafka-jira] 20190503 [jira] [Resolved] (KAFKA-8308) Update jetty for security vulnerability CVE-2019-10241 [activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar [kafka-jira] 20190501 [jira] [Created] (KAFKA-8308) Update jetty for security vulnerability CVE-2019-10241 [drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities [kafka-dev] 20190503 [jira] [Resolved] (KAFKA-8308) Update jetty for security vulnerability CVE-2019-10241 [activemq-issues] 20190723 [jira] [Created] (AMQ-7249) Security Vulnerabilities in the ActiveMQ dependent jars. [kafka-jira] 20190503 [jira] [Assigned] (KAFKA-8308) Update jetty for security vulnerability CVE-2019-10241 [kafka-dev] 20190501 [jira] [Created] (KAFKA-8308) Update jetty for security vulnerability CVE-2019-10241 [drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities [debian-lts-announce] 20210514 [SECURITY] [DLA 2661-1] jetty9 security update https://security.netapp.com/advisory/ntap-20190509-0003/ DSA-4949 Jetty - Servlet Engine and Http Server IBM Network Performance Insight (CVE-2019-10241, CVE-2019-10247) Java Vulnerability Affects IBM Sterling Connect:Direct Browser User Interface (CVE-2019-10241, CVE-2019-10246 & CVE-2019-10247) Java Vulnerability Affects IBM Connect:Direct Web Services (CVE-2019-10246, CVE-2019-10247, CVE-2019-10241 & CVE-2018-12545) Multiple vulnerabilities in IBM Java SDK affect IBM Content Classification Multiple Security Vulnerabilities in Jetty Affect IBM Sterling B2B Integrator (CVE-2018-12545, CVE-2019-10241) IBM Security Guardium Insights is affected by a Components with known vulnerabilities Multiple Vulnerabilities in IBM Guardium Data Encryption (GDE) IBM QRadar SIEM is vulnerable to Using Components with Known Vulnerabilities IBM QRadar SIEM is vulnerable to Using Components with Known Vulnerabilities Multiple vulnerabilities in Eclipse Jetty affect Apache Solr shipped with IBM Operations Analytics - Log Analysis IBM Cognos Analytics has addressed multiple vulnerabilities Vulnerability in Eclipse Jetty affects IBM Process Mining (Multiple CVEs) IBM Security Verify Governance is vulnerable to multiple vulnerabilities due to Eclipse Jetty IBM Cognos Command Center is affected by multiple vulnerabilities IBM Storage Protect Server is vulnerable to various attacks due to Eclipse jetty https://www.oracle.com/security-alerts/cpuoct2020.html https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html CVE-2019-10241 Vulnerable Configuration: Configuration 1 :cpe:/a:eclipse:jetty:9.2.6:20141205:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.7:20150116:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.8:20150217:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.9:20150224:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.19:20160908:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.20:20161216:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.21:20170120:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.22:20170606:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.2:20150730:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.3:20150825:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.3:20150827:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.4:20151005:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.9:maintenance_0:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.9:maintenance_1:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.10:20160621:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.10:maintenance_0:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.11:20160721:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.20:20170531:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.21:20170918:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.21:maintenance_0:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.21:rc0:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.1:20170120:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.1:20180619:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.2:20170220:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.2:20180619:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.8:20180619:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.9:20180320:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.10:20180503:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.10:rc0:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.0:maintenance_1:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.0:rc0:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.1:20140609:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.2:20140723:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.12:maintenance_0:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.13:20150730:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.14:20151106:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.15:20160210:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.0:20150601:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.0:20150608:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.0:20150612:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.0:maintenance2:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.6:20151106:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.7:20160115:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.7:rc0:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.7:rc1:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.14:20161028:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.15:20161220:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.16:20170119:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.16:20170120:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.0:20161207:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.0:20161208:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.0:20180619:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.0:maintenance_0:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.0:maintenance_1:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.4:20180619:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.5:20170502:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.5:20180619:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.6:20170531:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.12:rc1:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.12:rc2:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.13:20181111:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.14:20181114:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.0:20140526:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.4:20141103:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.6:20141203:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.10:20150310:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.11:20150529:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.12:20150709:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.16:20160407:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.17:20160517:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.24:20180105:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.26:20180806:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.0:maintenance0:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.0:rc0:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.1:20150714:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.4:20151007:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.4:rc1:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.8:20160314:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.9:20160517:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.12:20160915:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.13:maintenance_0:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.17:20170317:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.18:20170406:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.23:20180228:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.25:20180904:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.0:rc1:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.0:rc3:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.3:20170317:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.4:20170410:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.7:20170914:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.7:rc0:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.11:20180605:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.12:rc0:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.15:20190215:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.0:20140523:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.0:maintenance_0:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.3:20140905:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.5:20141112:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.11:20150528:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.11:maintenance_0:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.16:20160414:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.18:20160721:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.23:20171218:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.2.25:20180606:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.0:maintenance1:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.0:rc1:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.4:rc0:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.5:20151012:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.8:20160311:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.8:rc0:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.11:maintenance_0:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.13:20161014:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.17:rc0:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.19:20170502:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.22:20171030:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.24:20180605:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.0:rc0:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.0:rc2:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.3:20180619:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.4:20170414:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.6:20180619:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.7:20180619:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.8:20171121:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.10:rc1:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.12:20180830:*:*:*:*:*:* Configuration 2 :cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:* OR cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:* Configuration 3 :cpe:/a:apache:activemq:5.15.9:*:*:*:*:*:*:* OR cpe:/a:apache:drill:1.16.0:*:*:*:*:*:*:* Configuration 4 :cpe:/a:oracle:flexcube_core_banking:5.2.0:*:*:*:*:*:*:* OR cpe:/a:oracle:flexcube_core_banking:*:*:*:*:*:*:*:* (Version >= 11.5.0 and <= 11.7.0) OR cpe:/a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:* OR cpe:/a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:* OR cpe:/a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:* OR cpe:/a:oracle:rest_data_services:18c:*:*:*:-:*:*:* OR cpe:/a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_xstore_point_of_service:16.0:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:* Configuration CCN 1 :cpe:/a:eclipse:jetty:9.2.26:20180806:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.3.25:20180904:*:*:*:*:*:* OR cpe:/a:eclipse:jetty:9.4.15:20190215:*:*:*:*:*:* AND cpe:/a:ibm:content_classification:8.8:*:*:*:*:*:*:* OR cpe:/a:ibm:cognos_analytics:11.0:*:*:*:*:*:*:* OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.3.0:*:*:*:*:*:*:* OR cpe:/a:ibm:sterling_b2b_integrator:5.2.0.0:*:*:*:*:*:*:* OR cpe:/a:ibm:cognos_command_center:10.2.4.1:*:*:*:*:*:*:* OR cpe:/a:ibm:cognos_analytics:11.1:*:*:*:*:*:*:* OR cpe:/a:ibm:sterling_b2b_integrator:6.0.3.1:*:*:*:*:*:*:* OR cpe:/a:ibm:log_analysis:1.3.1:*:*:*:*:*:*:* OR cpe:/a:ibm:log_analysis:1.3.2:*:*:*:*:*:*:* OR cpe:/a:ibm:log_analysis:1.3.3:*:*:*:*:*:*:* OR cpe:/a:ibm:log_analysis:1.3.4:*:*:*:*:*:*:* OR cpe:/a:ibm:log_analysis:1.3.5:*:*:*:*:*:*:* OR cpe:/a:ibm:log_analysis:1.3.6:*:*:*:*:*:*:* OR cpe:/a:ibm:security_guardium_insights:2.0.1:*:*:*:*:*:*:* OR cpe:/a:ibm:security_guardium_data_encryption:3.0.0.2:*:*:*:*:*:*:* OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.3.3:p4:*:*:*:*:*:* OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.4.0:-:*:*:*:*:*:* OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.4.1:-:*:*:*:*:*:* OR cpe:/a:ibm:security_verify_governance:10.0:*:*:*:*:*:*:* Oval Definitions BACK
eclipse jetty 9.2.6 20141205
eclipse jetty 9.2.7 20150116
eclipse jetty 9.2.8 20150217
eclipse jetty 9.2.9 20150224
eclipse jetty 9.2.19 20160908
eclipse jetty 9.2.20 20161216
eclipse jetty 9.2.21 20170120
eclipse jetty 9.2.22 20170606
eclipse jetty 9.3.2 20150730
eclipse jetty 9.3.3 20150825
eclipse jetty 9.3.3 20150827
eclipse jetty 9.3.4 20151005
eclipse jetty 9.3.9 maintenance_0
eclipse jetty 9.3.9 maintenance_1
eclipse jetty 9.3.10 20160621
eclipse jetty 9.3.10 maintenance_0
eclipse jetty 9.3.11 20160721
eclipse jetty 9.3.20 20170531
eclipse jetty 9.3.21 20170918
eclipse jetty 9.3.21 maintenance_0
eclipse jetty 9.3.21 rc0
eclipse jetty 9.4.1 20170120
eclipse jetty 9.4.1 20180619
eclipse jetty 9.4.2 20170220
eclipse jetty 9.4.2 20180619
eclipse jetty 9.4.8 20180619
eclipse jetty 9.4.9 20180320
eclipse jetty 9.4.10 20180503
eclipse jetty 9.4.10 rc0
eclipse jetty 9.2.0 maintenance_1
eclipse jetty 9.2.0 rc0
eclipse jetty 9.2.1 20140609
eclipse jetty 9.2.2 20140723
eclipse jetty 9.2.12 maintenance_0
eclipse jetty 9.2.13 20150730
eclipse jetty 9.2.14 20151106
eclipse jetty 9.2.15 20160210
eclipse jetty 9.3.0 20150601
eclipse jetty 9.3.0 20150608
eclipse jetty 9.3.0 20150612
eclipse jetty 9.3.0 maintenance2
eclipse jetty 9.3.6 20151106
eclipse jetty 9.3.7 20160115
eclipse jetty 9.3.7 rc0
eclipse jetty 9.3.7 rc1
eclipse jetty 9.3.14 20161028
eclipse jetty 9.3.15 20161220
eclipse jetty 9.3.16 20170119
eclipse jetty 9.3.16 20170120
eclipse jetty 9.4.0 20161207
eclipse jetty 9.4.0 20161208
eclipse jetty 9.4.0 20180619
eclipse jetty 9.4.0 maintenance_0
eclipse jetty 9.4.0 maintenance_1
eclipse jetty 9.4.4 20180619
eclipse jetty 9.4.5 20170502
eclipse jetty 9.4.5 20180619
eclipse jetty 9.4.6 20170531
eclipse jetty 9.4.12 rc1
eclipse jetty 9.4.12 rc2
eclipse jetty 9.4.13 20181111
eclipse jetty 9.4.14 20181114
eclipse jetty 9.2.0 20140526
eclipse jetty 9.2.4 20141103
eclipse jetty 9.2.6 20141203
eclipse jetty 9.2.10 20150310
eclipse jetty 9.2.11 20150529
eclipse jetty 9.2.12 20150709
eclipse jetty 9.2.16 20160407
eclipse jetty 9.2.17 20160517
eclipse jetty 9.2.24 20180105
eclipse jetty 9.2.26 20180806
eclipse jetty 9.3.0 maintenance0
eclipse jetty 9.3.0 rc0
eclipse jetty 9.3.1 20150714
eclipse jetty 9.3.4 20151007
eclipse jetty 9.3.4 rc1
eclipse jetty 9.3.8 20160314
eclipse jetty 9.3.9 20160517
eclipse jetty 9.3.12 20160915
eclipse jetty 9.3.13 maintenance_0
eclipse jetty 9.3.17 20170317
eclipse jetty 9.3.18 20170406
eclipse jetty 9.3.23 20180228
eclipse jetty 9.3.25 20180904
eclipse jetty 9.4.0 rc1
eclipse jetty 9.4.0 rc3
eclipse jetty 9.4.3 20170317
eclipse jetty 9.4.4 20170410
eclipse jetty 9.4.7 20170914
eclipse jetty 9.4.7 rc0
eclipse jetty 9.4.11 20180605
eclipse jetty 9.4.12 rc0
eclipse jetty 9.4.15 20190215
eclipse jetty 9.2.0 20140523
eclipse jetty 9.2.0 maintenance_0
eclipse jetty 9.2.3 20140905
eclipse jetty 9.2.5 20141112
eclipse jetty 9.2.11 20150528
eclipse jetty 9.2.11 maintenance_0
eclipse jetty 9.2.16 20160414
eclipse jetty 9.2.18 20160721
eclipse jetty 9.2.23 20171218
eclipse jetty 9.2.25 20180606
eclipse jetty 9.3.0 maintenance1
eclipse jetty 9.3.0 rc1
eclipse jetty 9.3.4 rc0
eclipse jetty 9.3.5 20151012
eclipse jetty 9.3.8 20160311
eclipse jetty 9.3.8 rc0
eclipse jetty 9.3.11 maintenance_0
eclipse jetty 9.3.13 20161014
eclipse jetty 9.3.17 rc0
eclipse jetty 9.3.19 20170502
eclipse jetty 9.3.22 20171030
eclipse jetty 9.3.24 20180605
eclipse jetty 9.4.0 rc0
eclipse jetty 9.4.0 rc2
eclipse jetty 9.4.3 20180619
eclipse jetty 9.4.4 20170414
eclipse jetty 9.4.6 20180619
eclipse jetty 9.4.7 20180619
eclipse jetty 9.4.8 20171121
eclipse jetty 9.4.10 rc1
eclipse jetty 9.4.12 20180830
debian debian linux 9.0
debian debian linux 10.0
apache activemq 5.15.9
apache drill 1.16.0
oracle flexcube core banking 5.2.0
oracle flexcube core banking *
oracle rest data services 11.2.0.4
oracle rest data services 12.1.0.2
oracle rest data services 12.2.0.1
oracle rest data services 18c
oracle retail xstore point of service 7.1
oracle retail xstore point of service 15.0
oracle retail xstore point of service 16.0
oracle retail xstore point of service 17.0
eclipse jetty 9.2.26 20180806
eclipse jetty 9.3.25 20180904
eclipse jetty 9.4.15 20190215
ibm content classification 8.8
ibm cognos analytics 11.0
ibm qradar security information and event manager 7.3.0
ibm sterling b2b integrator 5.2.0.0
ibm cognos command center 10.2.4.1
ibm cognos analytics 11.1
ibm sterling b2b integrator 6.0.3.1
ibm log analysis 1.3.1
ibm log analysis 1.3.2
ibm log analysis 1.3.3
ibm log analysis 1.3.4
ibm log analysis 1.3.5
ibm log analysis 1.3.6
ibm security guardium insights 2.0.1
ibm security guardium data encryption 3.0.0.2
ibm qradar security information and event manager 7.3.3 p4
ibm qradar security information and event manager 7.4.0
ibm qradar security information and event manager 7.4.1 -
ibm security verify governance 10.0
Denotes that component is vulnerable