VDB
GCVE-110-MAGEIA-2017-277
GCVE-110-MAGEIA-2017-277
Advisory Published
Jetty is prone to a timing channel attack in util/security/Password.java, which
makes it easier for remote attackers to obtain access by observing elapsed times
before rejection of incorrect passwords (CVE-2017-9735).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | jetty-test-helper | 0 (affected), 3.1-4.mga6 (unaffected) | — |
| Mageia | jetty-alpn | 8.1.11-3.v20170118.1.mga6 (unaffected), 0 (affected) | — |
| Mageia | jetty | 0 (affected), 9.4.6-1.v20170531.1.1.mga6 (unaffected) | — |
Aliases
Browse GCVE Records
72,664 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.