VYPR
Moderate severityNVD Advisory· Published Oct 14, 2024· Updated Nov 3, 2025

Jetty DOS vulnerability on DosFilter

CVE-2024-9823

Description

There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory finally.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.eclipse.jetty.ee10:jetty-ee10-servletsMaven
>= 12.0.0, < 12.0.312.0.3
org.eclipse.jetty.ee8:jetty-ee8-servletsMaven
>= 12.0.0, < 12.0.312.0.3
org.eclipse.jetty.ee9:jetty-ee9-servletsMaven
>= 12.0.0, < 12.0.312.0.3
org.eclipse.jetty:jetty-servletsMaven
>= 9.0.0, < 9.4.549.4.54
org.eclipse.jetty:jetty-servletsMaven
>= 10.0.0, < 10.0.1810.0.18
org.eclipse.jetty:jetty-servletsMaven
>= 11.0.0, < 11.0.1811.0.18

Affected products

14

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.