VYPR
High severity7.5NVD Advisory· Published Oct 7, 2016· Updated Jun 17, 2026

CVE-2015-2080

CVE-2015-2080

Description

The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.eclipse.jetty:jetty-serverMaven
< 9.2.9.v201502249.2.9.v20150224

Affected products

10
  • Eclipse/Jetty8 versions
    cpe:2.3:a:eclipse:jetty:9.2.3:*:*:*:*:*:*:*+ 7 more
    • cpe:2.3:a:eclipse:jetty:9.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:eclipse:jetty:9.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:eclipse:jetty:9.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:eclipse:jetty:9.2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:eclipse:jetty:9.2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:eclipse:jetty:9.2.8:*:*:*:*:*:*:*
    • cpe:2.3:a:eclipse:jetty:9.3.0:m0:*:*:*:*:*:*
    • cpe:2.3:a:eclipse:jetty:9.3.0:m1:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
  • ghsa-coords
    Range: < 9.2.9.v20150224

Patches

Vulnerability mechanics

References

14

News mentions

0

No linked articles in our index yet.