Vulnerabilities > Eclipse > Jetty > 10.0.8

DATE CVE VULNERABILITY TITLE RISK
2022-07-07 CVE-2022-2048 In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources.
network
low complexity
eclipse debian netapp jenkins
7.5
7.5
2022-07-07 CVE-2022-2191 Improper Resource Shutdown or Release vulnerability in Eclipse Jetty
In Eclipse Jetty versions 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, SslConnection does not release ByteBuffers from configured ByteBufferPool in case of error code paths.
network
low complexity
eclipse CWE-404
7.5
7.5