Skip to content

Jetty Uses Predictable Session Identifiers

Moderate severity GitHub Reviewed Published May 1, 2022 to the GitHub Advisory Database • Updated Feb 12, 2024

Package

maven org.eclipse.jetty:jetty-server (Maven)

Affected versions

< 4.2.27
>= 5.1.0, < 5.1.12
>= 6.0.0, < 6.0.2
>= 6.1.0pre1, < 6.1.0pre3

Patched versions

4.2.27
5.1.12
6.0.2
6.1.0pre3

Description

Published by the National Vulnerability Database Feb 7, 2007
Published to the GitHub Advisory Database May 1, 2022
Reviewed Feb 12, 2024
Last updated Feb 12, 2024

Severity

Moderate

EPSS score

14.164%
(96th percentile)

Weaknesses

CVE ID

CVE-2006-6969

GHSA ID

GHSA-jg2x-r643-w2ch
Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.