[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-36479":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":30,"aliases":40,"duplicate_of":9,"upstream":42,"downstream":43,"duplicates":58,"related":59,"reserved_at":9,"published_at":71,"modified_at":72,"state":73,"summary":74,"references_raw":81,"kevs":126,"epss":127,"epss_history":130,"metrics":388,"affected":401},"CVE-2023-36479","Eclipse Jetty Canonical Repository is the canonical repository for the Jetty project. Users of the CgiServlet with a very specific command structure may have the wrong command executed. If a user sends a request to a org.eclipse.jetty.servlets.CGI Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the original binary name provided by the user contains a quotation mark followed by a space, the resulting command line will contain multiple tokens instead of one. This issue was patched in version 9.4.52, 10.0.16, 11.0.16 and 12.0.0-beta2.",null,[11,23],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-149","Improper Neutralization of Quoting Syntax","Quotes injected into a product can be used to compromise a system. As data are parsed, an injected/absent/duplicate/malformed use of quotes may cause the process to take unexpected actions.","weakness","Draft","Variant",[19],{"id":20,"name":21,"techniques":22},"CAPEC-468","Generic Cross-Browser Cross-Domain Theft",[],{"_key":24,"id":24,"name":25,"description":26,"type":27,"status":28,"abstraction":9,"likelihood_of_exploit":9,"capec":29},"NVD-CWE-OTHER","Other","NVD uses this CWE ID when the weakness does not map to any existing CWE entry.","placeholder","NVD-Reserved",[],[31],{"_key":32,"name":33,"source":34,"url":35,"maturity":36,"reliability_score":37,"verified":38,"type":9,"platforms":39,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_ECLIPSE_JETTY.PROJECT","Jetty.Project","github","https://github.com/eclipse/jetty.project/blob/jetty-9.2.x/advisories/2015-02-24-httpparser-error-buffer-bleed.md","poc",0.3,false,[],[41],"GHSA-3gh6-v5v9-6v9j",[],[44,46,48,50,52,54,56],{"_key":45},"UBUNTU-CVE-2023-36479",{"_key":47},"SUSE-SU-2023:4210-1",{"_key":49},"DLA-3592-1",{"_key":51},"DSA-5507-1",{"_key":53},"DEBIAN-CVE-2023-36479",{"_key":55},"RHSA-2024:0797",{"_key":57},"RHSA-2024:2010",[],[60,61,63,65,67,69],{"_key":47},{"_key":62},"CGA-43HC-98FX-VR64",{"_key":64},"CGA-FQ64-7X7J-66Q4",{"_key":66},"CGA-WHVP-WPV8-PX35",{"_key":68},"CGA-XX36-6XHX-6C36",{"_key":70},"CGA-4JCH-HFV5-2V2V","2023-09-15T18:37:35.948Z","2025-06-18T14:41:11.113Z","Analyzed",{"cisa_kev":38,"cisa_ransomware":38,"cisa_vendor":9,"epss_severity":75,"epss_score":76,"severity":75,"severity_score":77,"severity_version":78,"severity_source":79,"severity_vector":80,"severity_status":73},"low",0.01383,3.5,"v3.1","cve.org","CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N",[82,93,98,102,106,112,116,121],{"url":83,"sources":84,"tags":87},"https://github.com/eclipse/jetty.project/security/advisories/GHSA-3gh6-v5v9-6v9j",[79,85,86],"nvd","osv_maven",[88,89,90,91,92],"X Refsource CONFIRM","Exploit","Patch","Vendor Advisory","WEB",{"url":94,"sources":95,"tags":96},"https://github.com/eclipse/jetty.project/pull/9516",[79,85,86],[97,90,92],"X Refsource MISC",{"url":99,"sources":100,"tags":101},"https://github.com/eclipse/jetty.project/pull/9888",[79,85,86],[97,90,92],{"url":103,"sources":104,"tags":105},"https://github.com/eclipse/jetty.project/pull/9889",[79,85,86],[97,90,92],{"url":107,"sources":108,"tags":109},"https://www.debian.org/security/2023/dsa-5507",[79,85,86],[110,111,92],"Mailing List","Third Party Advisory",{"url":113,"sources":114,"tags":115},"https://lists.debian.org/debian-lts-announce/2023/09/msg00039.html",[79,85,86],[110,111,92],{"url":117,"sources":118,"tags":119},"https://nvd.nist.gov/vuln/detail/CVE-2023-36479",[86],[120],"Advisory",{"url":122,"sources":123,"tags":124},"https://github.com/eclipse/jetty.project",[86],[125],"PACKAGE",[],{"date":128,"score":76,"percentile":129},"2026-06-04",0.80641,[131,135,138,141,144,147,150,153,156,159,162,165,168,170,173,177,179,182,185,188,190,192,195,198,201,204,207,210,213,216,219,222,225,228,231,234,237,240,243,246,249,252,254,257,260,263,266,269,272,275,278,281,284,287,291,294,297,300,302,305,307,309,312,314,317,320,323,326,328,331,333,336,339,342,345,348,351,354,356,358,361,364,367,370,372,375,378,380,382,385],{"date":132,"score":133,"percentile":134},"2025-11-04",0.00794,0.73188,{"date":136,"score":133,"percentile":137},"2025-11-05",0.73174,{"date":139,"score":133,"percentile":140},"2025-11-06",0.73172,{"date":142,"score":133,"percentile":143},"2025-11-07",0.7319,{"date":145,"score":133,"percentile":146},"2025-11-08",0.73189,{"date":148,"score":133,"percentile":149},"2025-11-09",0.73183,{"date":151,"score":133,"percentile":152},"2025-11-10",0.73171,{"date":154,"score":133,"percentile":155},"2025-11-11",0.73176,{"date":157,"score":133,"percentile":158},"2025-11-12",0.73194,{"date":160,"score":133,"percentile":161},"2025-11-13",0.73201,{"date":163,"score":133,"percentile":164},"2025-11-14",0.73207,{"date":166,"score":133,"percentile":167},"2025-11-15",0.73205,{"date":169,"score":133,"percentile":161},"2025-11-16",{"date":171,"score":133,"percentile":172},"2025-11-17",0.73195,{"date":174,"score":175,"percentile":176},"2025-11-18",0.02184,0.8301,{"date":178,"score":175,"percentile":176},"2025-11-19",{"date":180,"score":175,"percentile":181},"2025-11-20",0.83015,{"date":183,"score":133,"percentile":184},"2025-11-21",0.73211,{"date":186,"score":133,"percentile":187},"2025-11-22",0.73206,{"date":189,"score":133,"percentile":143},"2025-11-23",{"date":191,"score":133,"percentile":149},"2025-11-24",{"date":193,"score":133,"percentile":194},"2025-11-25",0.73186,{"date":196,"score":133,"percentile":197},"2025-11-26",0.73191,{"date":199,"score":133,"percentile":200},"2025-11-27",0.73193,{"date":202,"score":76,"percentile":203},"2025-11-28",0.7972,{"date":205,"score":76,"percentile":206},"2025-11-29",0.79726,{"date":208,"score":76,"percentile":209},"2025-11-30",0.79725,{"date":211,"score":133,"percentile":212},"2025-12-01",0.73307,{"date":214,"score":133,"percentile":215},"2025-12-02",0.73316,{"date":217,"score":133,"percentile":218},"2025-12-03",0.73315,{"date":220,"score":76,"percentile":221},"2025-12-04",0.79728,{"date":223,"score":76,"percentile":224},"2025-12-05",0.79733,{"date":226,"score":76,"percentile":227},"2025-12-06",0.79736,{"date":229,"score":76,"percentile":230},"2025-12-07",0.79739,{"date":232,"score":76,"percentile":233},"2025-12-08",0.79742,{"date":235,"score":76,"percentile":236},"2025-12-09",0.79758,{"date":238,"score":76,"percentile":239},"2025-12-10",0.79783,{"date":241,"score":76,"percentile":242},"2025-12-11",0.79795,{"date":244,"score":76,"percentile":245},"2025-12-12",0.79814,{"date":247,"score":76,"percentile":248},"2025-12-13",0.79815,{"date":250,"score":76,"percentile":251},"2025-12-14",0.79816,{"date":253,"score":76,"percentile":248},"2025-12-15",{"date":255,"score":76,"percentile":256},"2025-12-16",0.79824,{"date":258,"score":76,"percentile":259},"2025-12-17",0.79835,{"date":261,"score":76,"percentile":262},"2025-12-18",0.79853,{"date":264,"score":76,"percentile":265},"2025-12-19",0.79861,{"date":267,"score":76,"percentile":268},"2025-12-20",0.79855,{"date":270,"score":76,"percentile":271},"2025-12-21",0.79848,{"date":273,"score":76,"percentile":274},"2025-12-22",0.79849,{"date":276,"score":76,"percentile":277},"2025-12-23",0.7985,{"date":279,"score":76,"percentile":280},"2025-12-24",0.79865,{"date":282,"score":76,"percentile":283},"2025-12-25",0.79886,{"date":285,"score":76,"percentile":286},"2025-12-26",0.79882,{"date":288,"score":289,"percentile":290},"2025-12-27",0.01009,0.76609,{"date":292,"score":76,"percentile":293},"2025-12-28",0.7987,{"date":295,"score":76,"percentile":296},"2025-12-29",0.79868,{"date":298,"score":76,"percentile":299},"2025-12-30",0.79874,{"date":301,"score":76,"percentile":283},"2025-12-31",{"date":303,"score":133,"percentile":304},"2026-01-01",0.73555,{"date":306,"score":133,"percentile":304},"2026-01-02",{"date":308,"score":133,"percentile":304},"2026-01-03",{"date":310,"score":76,"percentile":311},"2026-01-04",0.79876,{"date":313,"score":76,"percentile":299},"2026-01-05",{"date":315,"score":76,"percentile":316},"2026-01-06",0.79877,{"date":318,"score":76,"percentile":319},"2026-01-07",0.79883,{"date":321,"score":76,"percentile":322},"2026-01-08",0.79891,{"date":324,"score":76,"percentile":325},"2026-01-09",0.79892,{"date":327,"score":76,"percentile":322},"2026-01-10",{"date":329,"score":76,"percentile":330},"2026-01-11",0.79884,{"date":332,"score":76,"percentile":296},"2026-01-12",{"date":334,"score":76,"percentile":335},"2026-01-13",0.79867,{"date":337,"score":76,"percentile":338},"2026-01-14",0.79888,{"date":340,"score":76,"percentile":341},"2026-01-15",0.79889,{"date":343,"score":76,"percentile":344},"2026-01-16",0.79899,{"date":346,"score":76,"percentile":347},"2026-01-17",0.79906,{"date":349,"score":76,"percentile":350},"2026-01-18",0.79897,{"date":352,"score":76,"percentile":353},"2026-01-19",0.7989,{"date":355,"score":76,"percentile":322},"2026-01-20",{"date":357,"score":76,"percentile":344},"2026-01-21",{"date":359,"score":76,"percentile":360},"2026-01-22",0.79909,{"date":362,"score":76,"percentile":363},"2026-01-23",0.79937,{"date":365,"score":76,"percentile":366},"2026-01-24",0.79948,{"date":368,"score":76,"percentile":369},"2026-01-25",0.79938,{"date":371,"score":76,"percentile":363},"2026-01-26",{"date":373,"score":76,"percentile":374},"2026-01-27",0.79939,{"date":376,"score":76,"percentile":377},"2026-01-28",0.79935,{"date":379,"score":76,"percentile":377},"2026-01-29",{"date":381,"score":76,"percentile":363},"2026-01-30",{"date":383,"score":76,"percentile":384},"2026-01-31",0.79943,{"date":386,"score":133,"percentile":387},"2026-02-01",0.73615,[389,394,399],{"source":79,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":390,"cvss_v4_0":9},{"baseScore":77,"baseSeverity":391,"vectorString":80,"impactScore":392,"exploitabilityScore":393},"LOW",2.3,4.6,{"source":85,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":395,"cvss_v4_0":9},{"baseScore":396,"baseSeverity":391,"vectorString":397,"impactScore":392,"exploitabilityScore":398},3.1,"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",4.1,{"source":86,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":400,"cvss_v4_0":9},{"baseScore":77,"baseSeverity":9,"vectorString":80,"impactScore":392,"exploitabilityScore":393},[402,415,445,460,474,482,488],{"ecosystem":9,"name":403,"vendor":404,"product":405,"cpe_part":406,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":407},"debian linux","debian","debian_linux","o",[408,411,413],{"version":409,"is_range":38,"range_type":410,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0","cpe",{"version":412,"is_range":38,"range_type":410,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0",{"version":414,"is_range":38,"range_type":410,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.0",{"ecosystem":9,"name":416,"vendor":417,"product":416,"cpe_part":418,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":419},"jetty","eclipse","a",[420,427,431,435,437,439,441,443],{"version":421,"is_range":422,"range_type":410,"version_start":423,"version_start_type":424,"version_end":425,"version_end_type":426,"fixed_in":9},"gte9.0.0_lt9.4.52",true,"9.0.0","including","9.4.52","excluding",{"version":428,"is_range":422,"range_type":410,"version_start":429,"version_start_type":424,"version_end":430,"version_end_type":426,"fixed_in":9},"gte10.0.0_lt10.0.16","10.0.0","10.0.16",{"version":432,"is_range":422,"range_type":410,"version_start":433,"version_start_type":424,"version_end":434,"version_end_type":426,"fixed_in":9},"gte11.0.0_lt11.0.16","11.0.0","11.0.16",{"version":436,"is_range":38,"range_type":410,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.0.0:alpha1",{"version":438,"is_range":38,"range_type":410,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.0.0:alpha2",{"version":440,"is_range":38,"range_type":410,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.0.0:alpha3",{"version":442,"is_range":38,"range_type":410,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.0.0:beta0",{"version":444,"is_range":38,"range_type":410,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.0.0:beta1",{"ecosystem":9,"name":446,"vendor":417,"product":446,"cpe_part":418,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":447},"jetty.project",[448,451,454,457],{"version":449,"is_range":422,"range_type":79,"version_start":423,"version_start_type":424,"version_end":450,"version_end_type":424,"fixed_in":9},">= 9.0.0, \u003C= 9.4.51","9.4.51",{"version":452,"is_range":422,"range_type":79,"version_start":429,"version_start_type":424,"version_end":453,"version_end_type":424,"fixed_in":9},">= 10.0.0, \u003C= 10.0.15","10.0.15",{"version":455,"is_range":422,"range_type":79,"version_start":433,"version_start_type":424,"version_end":456,"version_end_type":424,"fixed_in":9},">= 11.0.0, \u003C= 11.0.15","11.0.15",{"version":458,"is_range":422,"range_type":79,"version_start":9,"version_start_type":9,"version_end":459,"version_end_type":424,"fixed_in":9},"\u003C= 12.0.0-beta1","12.0.0-beta1",{"ecosystem":461,"name":462,"vendor":463,"product":464,"cpe_part":9,"purl_type":465,"purl_namespace":463,"purl_name":464,"source":9,"versions":466},"Maven","org.eclipse.jetty:jetty-servlets","org.eclipse.jetty","jetty-servlets","maven",[467,470,472],{"version":468,"is_range":422,"range_type":469,"version_start":423,"version_start_type":424,"version_end":425,"version_end_type":426,"fixed_in":9},"gte9_0_0_lt9_4_52","ecosystem",{"version":471,"is_range":422,"range_type":469,"version_start":429,"version_start_type":424,"version_end":430,"version_end_type":426,"fixed_in":9},"gte10_0_0_lt10_0_16",{"version":473,"is_range":422,"range_type":469,"version_start":433,"version_start_type":424,"version_end":434,"version_end_type":426,"fixed_in":9},"gte11_0_0_lt11_0_16",{"ecosystem":461,"name":475,"vendor":476,"product":477,"cpe_part":9,"purl_type":465,"purl_namespace":476,"purl_name":477,"source":9,"versions":478},"org.eclipse.jetty.ee10:jetty-ee10-servlets","org.eclipse.jetty.ee10","jetty-ee10-servlets",[479],{"version":480,"is_range":422,"range_type":469,"version_start":9,"version_start_type":9,"version_end":481,"version_end_type":426,"fixed_in":9},"lt12_0_0_beta2","12.0.0-beta2",{"ecosystem":461,"name":483,"vendor":484,"product":485,"cpe_part":9,"purl_type":465,"purl_namespace":484,"purl_name":485,"source":9,"versions":486},"org.eclipse.jetty.ee8:jetty-ee8-servlets","org.eclipse.jetty.ee8","jetty-ee8-servlets",[487],{"version":480,"is_range":422,"range_type":469,"version_start":9,"version_start_type":9,"version_end":481,"version_end_type":426,"fixed_in":9},{"ecosystem":461,"name":489,"vendor":490,"product":491,"cpe_part":9,"purl_type":465,"purl_namespace":490,"purl_name":491,"source":9,"versions":492},"org.eclipse.jetty.ee9:jetty-ee9-servlets","org.eclipse.jetty.ee9","jetty-ee9-servlets",[493],{"version":480,"is_range":422,"range_type":469,"version_start":9,"version_start_type":9,"version_end":481,"version_end_type":426,"fixed_in":9}]