VYPR
Moderate severityNVD Advisory· Published Oct 14, 2024· Updated Nov 3, 2025

Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks

CVE-2024-8184

Description

There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.eclipse.jetty:jetty-serverMaven
>= 12.0.0, < 12.0.912.0.9
org.eclipse.jetty:jetty-serverMaven
>= 10.0.0, < 10.0.2410.0.24
org.eclipse.jetty:jetty-serverMaven
>= 11.0.0, < 11.0.2411.0.24
org.eclipse.jetty:jetty-serverMaven
>= 9.3.12, < 9.4.569.4.56

Affected products

129

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.