{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T12:29:03.653","vulnerabilities":[{"cve":{"id":"CVE-2007-5615","sourceIdentifier":"cret@cert.org","published":"2007-12-05T11:46:00.000","lastModified":"2026-04-23T00:35:47.467","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors."},{"lang":"es","value":"Vulnerabilidad de inyección de retorno de carro y salto de línea (CRLF) en Mortbay Jetty anterior a 6.1.6rc0 permite a atacantes remotos inyectar cabeceras HTTP de su elección y llevar a cabo ataques de división de respuesta HTTP mediante vectores no especificados."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":true,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mortbay_jetty:jetty:*:*:*:*:*:*:*:*","versionEndIncluding":"6.1.6rc0","matchCriteriaId":"B3118A44-B7FA-4887-AA87-35BFA827A5B7"}]}]}],"references":[{"url":"http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html","source":"cret@cert.org"},{"url":"http://osvdb.org/42495","source":"cret@cert.org"},{"url":"http://secunia.com/advisories/27925","source":"cret@cert.org"},{"url":"http://secunia.com/advisories/30941","source":"cret@cert.org"},{"url":"http://secunia.com/advisories/35143","source":"cret@cert.org"},{"url":"http://svn.codehaus.org/jetty/jetty/trunk/VERSION.txt","source":"cret@cert.org"},{"url":"http://www.kb.cert.org/vuls/id/212984","source":"cret@cert.org","tags":["US Government Resource"]},{"url":"http://www.securityfocus.com/bid/26696","source":"cret@cert.org"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00227.html","source":"cret@cert.org"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00250.html","source":"cret@cert.org"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://osvdb.org/42495","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/27925","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/30941","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/35143","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://svn.codehaus.org/jetty/jetty/trunk/VERSION.txt","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.kb.cert.org/vuls/id/212984","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"]},{"url":"http://www.securityfocus.com/bid/26696","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00227.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00250.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}