Maven package
org.eclipse.jetty.http2/jetty-http2-server
pkg:maven/org.eclipse.jetty.http2/jetty-http2-server
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-44487 | Hig | 7.5 | KEV | >= 12.0.0, < 12.0.2 | 12.0.2 | Oct 10, 2023 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. |
- affected >= 12.0.0, < 12.0.2fixed 12.0.2
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.