📦 Jetty

by Eclipse

🛡️ Security Overview

⚠️ Known Vulnerabilities

CVE-2026-1605

HIGH CVSS 7.5 Mar 5, 2026

This vulnerability in Eclipse Jetty's GzipHandler causes a memory leak when processing compressed HTTP requests without compressed responses. Attackers can exploit this to cause denial of service by e...

CVE-2025-5115

HIGH CVSS 7.5 Aug 20, 2025

This vulnerability in Eclipse Jetty allows HTTP/2 clients to trigger resource exhaustion attacks by sending malformed frames that force the server to send RST_STREAM responses. Attackers can rapidly c...

CVE-2024-13009

HIGH CVSS 7.2 May 8, 2025

This vulnerability in Eclipse Jetty allows incorrect buffer release during gzip decompression errors, potentially leading to data corruption or unintended data sharing between HTTP requests. It affect...

CVE-2023-36478

HIGH CVSS 7.5 Oct 10, 2023

This CVE describes an integer overflow vulnerability in Eclipse Jetty's HTTP/2 HPACK header processing. Attackers can send specially crafted HTTP/2 requests with large header values that bypass size l...

CVE-2023-44487

HIGH CVSS 7.5 Oct 10, 2023

CVE-2023-44487 is an HTTP/2 protocol vulnerability that allows attackers to cause denial of service by rapidly resetting streams, consuming server resources. This affects any system using HTTP/2, incl...

CVE-2022-2048

HIGH CVSS 7.5 Jul 7, 2022

This vulnerability in Eclipse Jetty's HTTP/2 server implementation allows attackers to cause denial of service by sending invalid HTTP/2 requests that trigger resource cleanup failures. The bug preven...

CVE-2021-28165

HIGH CVSS 7.5 Apr 1, 2021

This vulnerability in Eclipse Jetty allows denial-of-service attacks by causing 100% CPU usage when processing large invalid TLS frames. Attackers can exploit this to make affected servers unresponsiv...

CVE-2024-8184

MEDIUM CVSS 5.9 Oct 14, 2024

This vulnerability in Jetty's ThreadLimitHandler.getRemote() allows unauthenticated attackers to send crafted requests that trigger OutOfMemory errors, causing denial-of-service by exhausting server m...

CVE-2024-9823

MEDIUM CVSS 5.3 Oct 14, 2024

This vulnerability in Jetty's DoSFilter allows unauthenticated attackers to send crafted requests that trigger OutOfMemory errors, leading to denial-of-service conditions. It affects servers using Jet...