VYPR

rpm package

opensuse/jetty-websocket&distro=openSUSE Leap 15.6

pkg:rpm/opensuse/jetty-websocket&distro=openSUSE%20Leap%2015.6

Vulnerabilities (2)

  • CVE-2025-11143Mar 5, 2026
    affected < 9.4.58-150200.3.37.1fixed 9.4.58-150200.3.37.1

    The Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs. Differential parsing of URIs in systems using multiple components may result in security by-pass. For example a component that enforces a black list may interpret the UR

  • CVE-2025-5115Aug 20, 2025
    affected < 9.4.58-150200.3.34.1fixed 9.4.58-150200.3.34.1

    In Eclipse Jetty, versions <=9.4.57, <=10.0.25, <=11.0.25, <=12.0.21, <=12.1.0.alpha2, an HTTP/2 client may trigger the server to send RST_STREAM frames, for example by sending frames that are malformed or that should not be sent in a particular stream state, therefore forcing th