| CVE-2016-4800 |
critical |
9.8 |
9.8 |
9y ago |
Jetty contains an alias issue that could allow unauthenticated remote code execution due to specially crafted request |
|
| CVE-2021-28165 |
high |
— |
8.0 |
5y ago |
Jetty vulnerable to incorrect handling of invalid large TLS frame, exhausting CPU resources |
|
| CVE-2017-9735 |
high |
7.5 |
7.5 |
9y ago |
Jetty vulnerable to exposure of sensitive information due to observable discrepancy |
|
| CVE-2015-2080 |
high |
7.5 |
7.5 |
10y ago |
Jetty vulnerable to exposure of sensitive information to unauthenticated remote users |
|
| CVE-2011-4461 |
medium |
5.3 |
5.3 |
15y ago |
Improper Input Validation in Jetty |
|
| CVE-2024-8184 |
unknown |
— |
— |
2y ago |
Eclipse Jetty's ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks |
|
| CVE-2022-2191 |
unknown |
— |
— |
4y ago |
Jetty SslConnection does not release pooled ByteBuffers in case of errors |
|
| CVE-2006-6969 |
unknown |
— |
— |
4y ago |
Jetty Uses Predictable Session Identifiers |
|
| CVE-2020-27218 |
unknown |
— |
— |
6y ago |
Buffer not correctly recycled in Gzip Request inflation |
|
| CVE-2019-17632 |
unknown |
— |
— |
7y ago |
Unescaped exception messages in error responses in Jetty |
|
| CVE-2019-10241 |
unknown |
— |
— |
7y ago |
Cross-site Scripting in Eclipse Jetty |
|
| CVE-2018-12545 |
unknown |
— |
— |
7y ago |
Uncontrolled Resource Consumption in org.eclipse.jetty:jetty-server |
|
| CVE-2017-7658 |
unknown |
— |
— |
8y ago |
Jetty vulnerable to authorization bypass due to inconsistent HTTP request handling (HTTP Request Smuggling) |
|
| CVE-2017-7656 |
unknown |
— |
— |
8y ago |
Jetty vulnerable to cache poisoning due to inconsistent HTTP request handling (HTTP Request Smuggling) |
|
| CVE-2018-12536 |
unknown |
— |
— |
8y ago |
Eclipse Jetty Server generates error message containing sensitive information |
|