VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Eclipse
>
Jetty
> Medium
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-10-14
CVE-2024-6762
Allocation of Resources Without Limits or Throttling vulnerability in Eclipse Jetty
Jetty PushSessionCacheFilter can be exploited by unauthenticated users to launch remote DoS attacks by exhausting the server’s memory.
network
low complexity
eclipse
CWE-770
6.5
6.5
2024-10-14
CVE-2024-6763
Unspecified vulnerability in Eclipse Jetty
Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine .
network
low complexity
eclipse
5.3
5.3
2024-10-14
CVE-2024-8184
Allocation of Resources Without Limits or Throttling vulnerability in Eclipse Jetty
There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack.
network
low complexity
eclipse
CWE-770
6.5
6.5
2023-09-15
CVE-2023-41900
Improper Authentication vulnerability in multiple products
Jetty is a Java based web server and servlet engine.
network
low complexity
eclipse
debian
CWE-287
4.3
4.3
2023-09-15
CVE-2023-40167
Improper Handling of Length Parameter Inconsistency vulnerability in multiple products
Jetty is a Java based web server and servlet engine.
network
low complexity
eclipse
debian
CWE-130
5.3
5.3
2023-09-15
CVE-2023-36479
Improper Neutralization of Quoting Syntax vulnerability in multiple products
Eclipse Jetty Canonical Repository is the canonical repository for the Jetty project.
network
low complexity
eclipse
debian
CWE-149
4.3
4.3
2023-04-18
CVE-2023-26048
Resource Exhaustion vulnerability in Eclipse Jetty
Jetty is a java based web server and servlet engine.
network
low complexity
eclipse
CWE-400
5.3
5.3
2023-04-18
CVE-2023-26049
Information Exposure vulnerability in multiple products
Jetty is a java based web server and servlet engine.
network
low complexity
eclipse
debian
netapp
CWE-200
5.3
5.3
2021-07-15
CVE-2021-34429
For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints.
network
low complexity
eclipse
netapp
oracle
5.3
5.3
2021-06-09
CVE-2021-28169
For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory.
network
low complexity
eclipse
debian
oracle
netapp
5.3
5.3
«
1
(current)
2
»
Next