rpm package
suse/jetty-minimal&distro=SUSE Linux Enterprise Real Time 15 SP3
pkg:rpm/suse/jetty-minimal&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-26049 | — | < 9.4.51-150200.3.19.2 | 9.4.51-150200.3.19.2 | Apr 18, 2023 | Jetty is a java based web server and servlet engine. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that start | ||
| CVE-2023-26048 | — | < 9.4.51-150200.3.19.2 | 9.4.51-150200.3.19.2 | Apr 18, 2023 | Jetty is a java based web server and servlet engine. In affected versions servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a |
- CVE-2023-26049Apr 18, 2023affected < 9.4.51-150200.3.19.2fixed 9.4.51-150200.3.19.2
Jetty is a java based web server and servlet engine. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that start
- CVE-2023-26048Apr 18, 2023affected < 9.4.51-150200.3.19.2fixed 9.4.51-150200.3.19.2
Jetty is a java based web server and servlet engine. In affected versions servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a