VIR Vulnerability Intelligence Relay

Package impact

java Maven / org.eclipse.jetty:jetty-http

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-2332 critical 9.1 9.1 2d ago Jetty has HTTP Request Smuggling via Chunked Extension Quoted-String Parsing redhatdebiansusejava
CVE-2025-11143 low 2.5 3mo ago org.eclipse.jetty:jetty-http has different parsing of invalid URIs debiansusejava
CVE-2024-6763 unknown 2y ago Eclipse Jetty URI parsing of invalid authority debiansusejava
CVE-2023-40167 unknown 3y ago Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts the `+` character proceeding the content-length value in a HTTP/1 header fie… susedebianjava
CVE-2022-2047 unknown 4y ago In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly de… susedebianjava