VYPR

rpm package

suse/jetty-minimal&distro=SUSE Linux Enterprise Module for Development Tools 15 SP7

pkg:rpm/suse/jetty-minimal&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7

Vulnerabilities (4)

  • CVE-2025-11143Mar 5, 2026
    affected < 9.4.58-150200.3.37.1fixed 9.4.58-150200.3.37.1

    The Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs. Differential parsing of URIs in systems using multiple components may result in security by-pass. For example a component that enforces a black list may interpret the UR

  • CVE-2025-5115Aug 20, 2025
    affected < 9.4.58-150200.3.34.1fixed 9.4.58-150200.3.34.1

    In Eclipse Jetty, versions <=9.4.57, <=10.0.25, <=11.0.25, <=12.0.21, <=12.1.0.alpha2, an HTTP/2 client may trigger the server to send RST_STREAM frames, for example by sending frames that are malformed or that should not be sent in a particular stream state, therefore forcing th

  • CVE-2024-13009May 8, 2025
    affected < 9.4.57-150200.3.31.1fixed 9.4.57-150200.3.31.1

    In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request body. This can result in corrupted and/or inadvertent sharing of data between requests.

  • CVE-2024-6763Oct 14, 2024
    affected < 9.4.57-150200.3.31.1fixed 9.4.57-150200.3.31.1

    Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing. The HttpURI class does insufficient validation on the authority segment of a URI. However the behaviour of HttpURI differs fro