VDB

GCVE-110-MAGEIA-2017-277

GCVE-110-MAGEIA-2017-277
Advisory Published
Vulnetix · Advisory published August 18, 2017
Jetty is prone to a timing channel attack in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords (CVE-2017-9735).

Affected Products

VendorProductVersionsPlatforms
Mageiajetty-test-helper0 (affected), 3.1-4.mga6 (unaffected)
Mageiajetty-alpn8.1.11-3.v20170118.1.mga6 (unaffected), 0 (affected)
Mageiajetty0 (affected), 9.4.6-1.v20170531.1.1.mga6 (unaffected)

Browse GCVE Records

72,664 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›