VYPR

rpm package

suse/jetty-minimal&distro=SUSE Linux Enterprise Module for Development Tools 15 SP6

pkg:rpm/suse/jetty-minimal&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6

Vulnerabilities (4)

  • CVE-2025-5115Aug 20, 2025
    affected < 9.4.58-150200.3.34.1fixed 9.4.58-150200.3.34.1

    In Eclipse Jetty, versions <=9.4.57, <=10.0.25, <=11.0.25, <=12.0.21, <=12.1.0.alpha2, an HTTP/2 client may trigger the server to send RST_STREAM frames, for example by sending frames that are malformed or that should not be sent in a particular stream state, therefore forcing th

  • CVE-2024-13009May 8, 2025
    affected < 9.4.57-150200.3.31.1fixed 9.4.57-150200.3.31.1

    In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request body. This can result in corrupted and/or inadvertent sharing of data between requests.

  • CVE-2024-8184Oct 14, 2024
    affected < 9.4.56-150200.3.28.1fixed 9.4.56-150200.3.28.1

    There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's

  • CVE-2024-6763Oct 14, 2024
    affected < 9.4.57-150200.3.31.1fixed 9.4.57-150200.3.31.1

    Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing. The HttpURI class does insufficient validation on the authority segment of a URI. However the behaviour of HttpURI differs fro