Package impact
Maven / org.eclipse.jetty:jetty-http
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-2332 | critical | 9.1 | 9.1 | 3d ago | Jetty has HTTP Request Smuggling via Chunked Extension Quoted-String Parsing | |||
| CVE-2025-11143 | low | — | 2.5 | 3mo ago | org.eclipse.jetty:jetty-http has different parsing of invalid URIs | |||
| CVE-2024-6763 | unknown | — | — | 2y ago | Eclipse Jetty URI parsing of invalid authority | |||
| CVE-2023-40167 | unknown | — | — | 3y ago | Jetty accepts "+" prefixed value in Content-Length | |||
| CVE-2022-2047 | unknown | — | — | 4y ago | Jetty invalid URI parsing may produce invalid HttpURI.authority |