1
Candidate: CVE-2016-4800
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4800
5
http://www.ocert.org/advisories/ocert-2016-001.html
7
The path normalization mechanism in PathResource class in Eclipse Jetty
8
9.3.x before 9.3.9 on Windows allows remote attackers to bypass protected
9
resource restrictions and other security constraints via a URL with certain
10
escaped characters, related to backslashes.
19
upstream_jetty: needs-triage
20
precise_jetty: not-affected (jetty 9.3.x only)
21
trusty_jetty: not-affected (jetty 9.3.x only)
22
vivid/stable-phone-overlay_jetty: DNE
23
vivid/ubuntu-core_jetty: DNE
24
wily_jetty: not-affected (jetty 9.3.x only)
25
xenial_jetty: not-affected (jetty 9.3.x only)
26
devel_jetty: not-affected (jetty 9.3.x only)
29
upstream_jetty8: not-affected (jetty 9.3.x only)
31
trusty_jetty8: not-affected (jetty 9.3.x only)
32
vivid/stable-phone-overlay_jetty8: DNE
33
vivid/ubuntu-core_jetty8: DNE
34
wily_jetty8: not-affected (jetty 9.3.x only)
35
xenial_jetty8: not-affected (jetty 9.3.x only)
36
devel_jetty8: not-affected (jetty 9.3.x only)
39
upstream_jetty9: released (9.3.9)
42
vivid/stable-phone-overlay_jetty9: DNE
43
vivid/ubuntu-core_jetty9: DNE
45
xenial_jetty9: not-affected (jetty 9.3.x only)
46
devel_jetty9: not-affected (jetty 9.3.x only)