Vulnerabilities > CVE-2021-28165 - Improper Handling of Exceptional Conditions vulnerability in multiple products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH

Summary

In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.

Vulnerable Configurations

Part Description Count
Application
Eclipse
469
Application
Oracle
34
Application
Jenkins
2025
Application
Netapp
101

References