CVE-2023-36479
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in maven/org.eclipse.jetty/jetty-servlets
Identifiers
CVE-2023-36479, GHSA-3gh6-v5v9-6v9j
Package Slug
maven/org.eclipse.jetty/jetty-servlets
Vulnerability
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Description
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in org.eclipse.jetty:jetty-servlets.
Affected Versions
All versions starting from 9.0.0 up to 9.4.51, all versions starting from 10.0.0 up to 10.0.15, all versions starting from 11.0.0 up to 11.0.15
Solution
Upgrade to versions 9.4.52, 10.0.16, 11.0.16 or above.
Last Modified
2023-09-15
| source |