High severity7.5NVD Advisory· Published Oct 7, 2016· Updated Jun 17, 2026
CVE-2015-2080
CVE-2015-2080
Description
The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.eclipse.jetty:jetty-serverMaven | < 9.2.9.v20150224 | 9.2.9.v20150224 |
Affected products
10cpe:2.3:a:eclipse:jetty:9.2.3:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:eclipse:jetty:9.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:eclipse:jetty:9.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:eclipse:jetty:9.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:eclipse:jetty:9.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:eclipse:jetty:9.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:eclipse:jetty:9.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:eclipse:jetty:9.3.0:m0:*:*:*:*:*:*
- cpe:2.3:a:eclipse:jetty:9.3.0:m1:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
14- packetstormsecurity.com/files/130567/Jetty-9.2.8-Shared-Buffer-Leakage.htmlnvdExploitThird Party AdvisoryWEB
- seclists.org/fulldisclosure/2015/Mar/12nvdExploitThird Party AdvisoryWEB
- blog.gdssecurity.com/labs/2015/2/25/jetleak-vulnerability-remote-leakage-of-shared-buffers-in-je.htmlnvdExploitThird Party AdvisoryWEB
- github.com/eclipse/jetty.project/blob/jetty-9.2.x/advisories/2015-02-24-httpparser-error-buffer-bleed.mdnvdExploitVendor AdvisoryWEB
- dev.eclipse.org/mhonarc/lists/jetty-announce/msg00074.htmlnvdVendor AdvisoryWEB
- dev.eclipse.org/mhonarc/lists/jetty-announce/msg00075.htmlnvdVendor AdvisoryWEB
- lists.fedoraproject.org/pipermail/package-announce/2015-March/151804.htmlnvdThird Party AdvisoryWEB
- www.securitytracker.com/id/1031800nvdThird Party AdvisoryWEB
- github.com/advisories/GHSA-ghgj-3xqr-6jfmghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2015-2080ghsaADVISORY
- www.securityfocus.com/archive/1/534755/100/1600/threadednvdWEB
- www.securityfocus.com/bid/72768nvdBroken LinkWEB
- security.netapp.com/advisory/ntap-20190307-0005ghsaWEB
- security.netapp.com/advisory/ntap-20190307-0005/nvd
News mentions
0No linked articles in our index yet.