VYPR

Maven package

org.eclipse.jetty.http2/http2-hpack

pkg:maven/org.eclipse.jetty.http2/http2-hpack

Vulnerabilities (1)

  • CVE-2023-36478Oct 10, 2023
    affected >= 10.0.0, < 10.0.16fixed 10.0.16

    Eclipse Jetty provides a web server and servlet container. In versions 11.0.0 through 11.0.15, 10.0.0 through 10.0.15, and 9.0.0 through 9.4.52, an integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to exceed their size limit. `MetaDataBuilder.j