Vulnerabilities > Eclipse > Jetty
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-14 | CVE-2024-6762 | Allocation of Resources Without Limits or Throttling vulnerability in Eclipse Jetty Jetty PushSessionCacheFilter can be exploited by unauthenticated users to launch remote DoS attacks by exhausting the server’s memory. | 6.5 |
| 2024-10-14 | CVE-2024-6763 | Unspecified vulnerability in Eclipse Jetty Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . | 5.3 |
| 2024-10-14 | CVE-2024-8184 | Allocation of Resources Without Limits or Throttling vulnerability in Eclipse Jetty There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack. | 6.5 |
| 2023-10-10 | CVE-2023-36478 | Resource Exhaustion vulnerability in multiple products Eclipse Jetty provides a web server and servlet container. | 7.5 |
| 2023-10-10 | CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | 7.5 |
| 2023-09-15 | CVE-2023-41900 | Improper Authentication vulnerability in multiple products Jetty is a Java based web server and servlet engine. | 4.3 |
| 2023-09-15 | CVE-2023-40167 | Improper Handling of Length Parameter Inconsistency vulnerability in multiple products Jetty is a Java based web server and servlet engine. | 5.3 |
| 2023-09-15 | CVE-2023-36479 | Improper Neutralization of Quoting Syntax vulnerability in multiple products Eclipse Jetty Canonical Repository is the canonical repository for the Jetty project. | 4.3 |
| 2023-04-18 | CVE-2023-26048 | Resource Exhaustion vulnerability in Eclipse Jetty Jetty is a java based web server and servlet engine. | 5.3 |
| 2023-04-18 | CVE-2023-26049 | Information Exposure vulnerability in multiple products Jetty is a java based web server and servlet engine. | 5.3 |