VYPR

apk package

chainguard/webswing

pkg:apk/chainguard/webswing

Vulnerabilities (3)

  • CVE-2025-12383Nov 18, 2025
    affected < 24.2.2-r1fixed 24.2.2-r1

    In Eclipse Jersey versions 2.45, 3.0.16, 3.1.9 a race condition can cause ignoring of critical SSL configurations - such as mutual authentication, custom key/trust stores, and other security settings. This issue may result in SSLHandshakeException under normal circumstances, but

  • CVE-2024-13009May 8, 2025
    affected < 24.2.2-r0fixed 24.2.2-r0

    In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request body. This can result in corrupted and/or inadvertent sharing of data between requests.

  • CVE-2024-8184Oct 14, 2024
    affected < 24.2.2-r1fixed 24.2.2-r1

    There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's