Maven package
org.eclipse.jetty.ee8/jetty-ee8-servlets
pkg:maven/org.eclipse.jetty.ee8/jetty-ee8-servlets
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-9823 | — | >= 12.0.0, < 12.0.3 | 12.0.3 | Oct 14, 2024 | There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the s | ||
| CVE-2023-36479 | — | < 12.0.0-beta2 | 12.0.0-beta2 | Sep 15, 2023 | Eclipse Jetty Canonical Repository is the canonical repository for the Jetty project. Users of the CgiServlet with a very specific command structure may have the wrong command executed. If a user sends a request to a org.eclipse.jetty.servlets.CGI Servlet for a binary with a spac |
- CVE-2024-9823Oct 14, 2024affected >= 12.0.0, < 12.0.3fixed 12.0.3
There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the s
- CVE-2023-36479Sep 15, 2023affected < 12.0.0-beta2fixed 12.0.0-beta2
Eclipse Jetty Canonical Repository is the canonical repository for the Jetty project. Users of the CgiServlet with a very specific command structure may have the wrong command executed. If a user sends a request to a org.eclipse.jetty.servlets.CGI Servlet for a binary with a spac