CVE-2019-10247

In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Context that matches the requested path. The default server behavior on jetty-distribution and jetty-home will include at the end of the Handler tree a DefaultHandler, which is responsible for reporting this 404 error, it presents the various configured contexts as HTML for users to click through to. This produced HTML includes output that contains the configured fully qualified directory base resource location for each context.
References
Link Resource
https://bugs.eclipse.org/bugs/show_bug.cgi?id=546577 Issue Tracking Vendor Advisory
https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/ac51944aef91dd5006b8510b0bef337adaccfe962fb90e7af9c22db4%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E
https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html Mailing List Third Party Advisory
https://security.netapp.com/advisory/ntap-20190509-0003/ Third Party Advisory
https://www.debian.org/security/2021/dsa-4949 Third Party Advisory
https://www.oracle.com/security-alerts/cpuApr2021.html Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2020.html Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2020.html Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2021.html Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2020.html Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2020.html Patch Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html Patch Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:eclipse:jetty:7.0.0:20091005:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.0.0:maintenance_0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.0.0:maintenance_1:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.0.0:maintenance_2:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.0.0:maintenance_3:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.0.0:maintenance_4:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.0.0:rc0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.0.0:rc3:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.0.0:rc4:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.0.0:rc5:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.0.0:rc6:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.0.1:20091125:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.0.2:20100331:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.0.2:rc0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.1.0:20100505:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.1.0:rc0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.1.1:20100517:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.1.2:20100523:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.1.3:20100526:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.1.4:20100610:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.1.5:20100705:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.1.6:20100715:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.2.0:20101020:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.2.0:rc0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.2.1:20101111:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.2.2:20101205:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.3.0:20110203:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.3.1:20110307:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.4.0:20110414:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.4.0:rc0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.4.1:20110513:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.4.2:20110526:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.4.3:20110630:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.4.3:20110701:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.4.4:20110707:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.4.5:20110725:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.5.0:20110901:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.5.0:rc0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.5.0:rc1:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.5.0:rc2:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.5.1:20110908:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.5.2:20111006:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.5.3:20111011:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.5.4:20111024:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.0:20120125:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.0:20120127:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.0:rc0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.0:rc1:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.0:rc2:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.0:rc3:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.0:rc4:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.0:rc5:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.1:20120215:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.2:20120302:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.2:20120308:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.3:20120413:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.3:20120416:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.4:20120522:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.4:20120524:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.5:20120713:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.5:20120716:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.6:20120903:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.7:20120910:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.8:20121106:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.9:20130131:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.10:20130312:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.11:20130520:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.11:20130725:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.12:20130726:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.13:20130910:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.13:20130916:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.14:20131031:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.15:20140411:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.16:20140903:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.17:20150415:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.18:20150929:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.19:20160209:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.20:20160902:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:7.6.21:20160908:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.0.0:20110901:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.0.0:maintenance_0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.0.0:maintenance_1:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.0.0:maintenance_2:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.0.0:maintenance_3:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.0.0:rc0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.0.1:20110908:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.0.2:20111006:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.0.3:20111011:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.0.4:20111024:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.0:20120127:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.0:rc0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.0:rc4:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.0:rc5:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.1:20120215:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.2:20120302:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.2:20120308:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.3:20120416:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.4:20120524:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.5:20120713:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.5:20120716:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.6:20120903:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.7:20120910:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.8:20121106:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.9:20130131:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.10:20130312:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.11:20130520:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.12:20130725:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.12:20130726:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.13:20130910:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.13:20130916:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.14:20131031:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.15:20140411:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.16:20140903:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.17:20150415:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.18:20150929:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.19:20160209:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.20:20160902:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.21:20160908:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.1.22:20160922:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:8.2.0:20160908:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.0.0:20130308:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.0.0:m5:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.0.0:maintenance_0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.0.0:maintenance_1:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.0.0:maintenance_2:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.0.0:maintenance_3:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.0.0:maintenance_4:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.0.0:maintenance_5:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.0.0:rc0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.0.0:rc3:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.0.1:20130408:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.0.2:20130417:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.0.2:20140415:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.0.3:20130506:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.0.4:20130621:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.0.4:20130625:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.0.5:20130813:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.0.5:20130815:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.0.6:20130919:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.0.6:20130930:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.0.7:20131031:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.0.7:20131107:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.1.0:20131115:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.1.0:maintenance_0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.1.0:rc0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.1.1:20140108:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.1.2:20140210:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.1.3:20140225:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.1.4:20140401:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.1.5:20140505:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.1.6:20151106:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.1.6:20160112:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.0:20140523:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.0:20140526:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.0:maintenance_0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.0:maintenance_1:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.0:rc0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.1:20140609:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.2:20140723:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.3:20140905:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.4:20141103:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.5:20141112:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.6:20141203:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.6:20141205:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.7:20150116:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.8:20150217:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.9:20150224:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.10:20150310:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.11:20150528:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.11:20150529:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.11:maintenance_0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.12:20150709:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.12:maintenance_0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.13:20150730:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.14:20151106:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.15:20160210:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.16:20160407:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.16:20160414:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.17:20160517:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.18:20160721:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.19:20160908:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.20:20161216:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.21:20170120:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.22:20170606:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.23:20171218:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.24:20180105:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.25:20180606:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.26:20180806:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.2.27:20190403:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.0:20150601:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.0:20150608:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.0:20150612:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.0:maintenance0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.0:maintenance1:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.0:maintenance2:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.0:rc0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.0:rc1:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.1:20150714:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.2:20150730:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.3:20150825:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.3:20150827:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.4:20151005:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.4:20151007:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.4:rc0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.4:rc1:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.5:20151012:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.6:20151106:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.7:20160115:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.7:rc0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.7:rc1:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.8:20160311:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.8:20160314:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.8:rc0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.9:20160517:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.9:maintenance_0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.9:maintenance_1:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.10:20160621:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.10:maintenance_0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.11:20160721:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.11:maintenance_0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.12:20160915:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.13:20161014:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.13:maintenance_0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.14:20161028:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.15:20161220:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.16:20170119:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.16:20170120:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.17:20170317:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.17:rc0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.18:20170406:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.19:20170502:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.20:20170531:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.21:20170918:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.21:maintenance_0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.21:rc0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.22:20171030:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.23:20180228:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.24:20180605:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.25:20180904:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.3.26:20190403:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.0:20161207:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.0:20161208:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.0:20180619:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.0:maintenance_0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.0:maintenance_1:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.0:rc0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.0:rc1:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.0:rc2:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.0:rc3:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.1:20170120:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.1:20180619:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.2:20170220:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.2:20180619:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.3:20170317:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.3:20180619:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.4:20170410:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.4:20170414:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.4:20180619:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.5:20170502:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.5:20180619:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.6:20170531:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.6:20180619:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.7:20170914:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.7:20180619:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.7:rc0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.8:20171121:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.8:20180619:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.9:20180320:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.10:20180503:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.10:rc0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.10:rc1:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.11:20180605:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.12:20180830:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.12:rc0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.12:rc1:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.12:rc2:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.13:20181111:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.14:20181114:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:9.4.15:20190215:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapmanager:-:-:*:*:*:oracle:*:*
cpe:2.3:a:netapp:snapmanager:-:-:*:*:*:sap:*:*
cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:storage_services_connector:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:o:netapp:element:-:*:*:*:*:vcenter_server:*:*

Configuration 3 (hide)

OR cpe:2.3:a:oracle:autovue:21.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_analytics:12.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_services_gatekeeper:6.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_services_gatekeeper:6.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_session_report_manager:8.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_session_report_manager:8.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_session_route_manager:8.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_session_route_manager:8.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:data_integrator:12.2.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:endeca_information_discovery_integrator:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:flexcube_core_banking:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:flexcube_core_banking:5.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:flexcube_private_banking:12.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:fmw_platform:12.2.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:fmw_platform:12.2.1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:unified_directory:12.2.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:unified_directory:12.2.1.4.0:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

History

07 Nov 2023, 03:02

Type Values Removed Values Added
References
  • {'url': 'https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E', 'name': '[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E', 'name': '[nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E', 'name': '[activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E', 'name': '[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E', 'name': '[nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/ac51944aef91dd5006b8510b0bef337adaccfe962fb90e7af9c22db4@%3Cissues.activemq.apache.org%3E', 'name': '[activemq-issues] 20190723 [jira] [Created] (AMQ-7249) Security Vulnerabilities in the ActiveMQ dependent jars.', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'}
  • () https://lists.apache.org/thread.html/ac51944aef91dd5006b8510b0bef337adaccfe962fb90e7af9c22db4%40%3Cissues.activemq.apache.org%3E -
  • () https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E -
  • () https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E -
  • () https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E -
  • () https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E -
  • () https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E -

Information

Published : 2019-04-22 20:29

Updated : 2024-02-28 17:08


NVD link : CVE-2019-10247

Mitre link : CVE-2019-10247

CVE.ORG link : CVE-2019-10247


JSON object : View

Products Affected

debian

  • debian_linux

netapp

  • storage_services_connector
  • snap_creator_framework
  • vasa_provider_for_clustered_data_ontap
  • snapmanager
  • oncommand_system_manager
  • element
  • virtual_storage_console
  • snapcenter
  • storage_replication_adapter_for_clustered_data_ontap

oracle

  • communications_session_report_manager
  • enterprise_manager_base_platform
  • flexcube_core_banking
  • retail_xstore_point_of_service
  • flexcube_private_banking
  • communications_analytics
  • data_integrator
  • autovue
  • hospitality_guest_access
  • fmw_platform
  • endeca_information_discovery_integrator
  • communications_element_manager
  • communications_session_route_manager
  • unified_directory
  • communications_services_gatekeeper

eclipse

  • jetty
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CWE-213

Exposure of Sensitive Information Due to Incompatible Policies