VYPR
High severityNVD Advisory· Published Apr 1, 2021· Updated Aug 27, 2025

CVE-2021-28165

CVE-2021-28165

Description

In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.eclipse.jetty:jetty-serverMaven
>= 7.2.2, < 9.4.399.4.39
org.eclipse.jetty:jetty-serverMaven
>= 10.0.0, < 10.0.210.0.2
org.eclipse.jetty:jetty-serverMaven
>= 11.0.0, < 11.0.211.0.2

Affected products

7

Patches

Vulnerability mechanics

References

209

News mentions

1