Vulnerabilities > Eclipse > Jetty

DATE CVE VULNERABILITY TITLE RISK
2024-10-14 CVE-2024-6762 Allocation of Resources Without Limits or Throttling vulnerability in Eclipse Jetty
Jetty PushSessionCacheFilter can be exploited by unauthenticated users to launch remote DoS attacks by exhausting the server’s memory.
network
low complexity
eclipse CWE-770
6.5
2024-10-14 CVE-2024-6763 Unspecified vulnerability in Eclipse Jetty
Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine .
network
low complexity
eclipse
5.3
2024-10-14 CVE-2024-8184 Allocation of Resources Without Limits or Throttling vulnerability in Eclipse Jetty
There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack.
network
low complexity
eclipse CWE-770
6.5
2023-10-10 CVE-2023-36478 Eclipse Jetty provides a web server and servlet container.
network
low complexity
eclipse jenkins debian
7.5
2023-10-10 CVE-2023-44487 The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. 7.5
2023-09-15 CVE-2023-41900 Improper Authentication vulnerability in multiple products
Jetty is a Java based web server and servlet engine.
network
low complexity
eclipse debian CWE-287
4.3
2023-09-15 CVE-2023-40167 Jetty is a Java based web server and servlet engine.
network
low complexity
eclipse debian
5.3
2023-09-15 CVE-2023-36479 Eclipse Jetty Canonical Repository is the canonical repository for the Jetty project.
network
low complexity
eclipse debian
4.3
2023-04-18 CVE-2023-26048 Unspecified vulnerability in Eclipse Jetty
Jetty is a java based web server and servlet engine.
network
low complexity
eclipse
5.3
2023-04-18 CVE-2023-26049 Jetty is a java based web server and servlet engine.
network
low complexity
eclipse debian netapp
5.3