Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Web Server

Jetty

Eclipse Jetty provides a Web server and javax.servlet container plus support for HTTP/2 WebSocket OSGi JMX JNDI JAAS and many other integrations. These components are open source and available for commercial use and distribution.

Official Site:

https://www.eclipse.org/jetty/

Severity Summary:

Critical: 4 High: 18 Medium: 14 Low: 3
Reference
Title
Severity
CVE-2023-26049
Jetty Vulnerability
Medium
CVE-2021-34429
Jetty Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2021-28169
Jetty Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2009-5046
Jetty Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-27218
Jetty Vulnerability
Medium
CVE-2025-11143
Jetty Improper Input Validation Vulnerability
Medium
CVE-2022-2047
Jetty Improper Input Validation Vulnerability
Low
CVE-2021-34428
Jetty Insufficient Session Expiration Vulnerability
Low
CVE-2021-28163
Jetty Improper Link Resolution Before File Access (Link Following) Vulnerability
Low