rpm package
suse/jetty-minimal&distro=SUSE Linux Enterprise Server 15 SP5-LTSS
pkg:rpm/suse/jetty-minimal&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-5115 | — | < 9.4.58-150200.3.34.1 | 9.4.58-150200.3.34.1 | Aug 20, 2025 | In Eclipse Jetty, versions <=9.4.57, <=10.0.25, <=11.0.25, <=12.0.21, <=12.1.0.alpha2, an HTTP/2 client may trigger the server to send RST_STREAM frames, for example by sending frames that are malformed or that should not be sent in a particular stream state, therefore forcing th | ||
| CVE-2024-13009 | — | < 9.4.57-150200.3.31.1 | 9.4.57-150200.3.31.1 | May 8, 2025 | In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request body. This can result in corrupted and/or inadvertent sharing of data between requests. | ||
| CVE-2024-6763 | — | < 9.4.57-150200.3.31.1 | 9.4.57-150200.3.31.1 | Oct 14, 2024 | Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing. The HttpURI class does insufficient validation on the authority segment of a URI. However the behaviour of HttpURI differs fro |
- CVE-2025-5115Aug 20, 2025affected < 9.4.58-150200.3.34.1fixed 9.4.58-150200.3.34.1
In Eclipse Jetty, versions <=9.4.57, <=10.0.25, <=11.0.25, <=12.0.21, <=12.1.0.alpha2, an HTTP/2 client may trigger the server to send RST_STREAM frames, for example by sending frames that are malformed or that should not be sent in a particular stream state, therefore forcing th
- CVE-2024-13009May 8, 2025affected < 9.4.57-150200.3.31.1fixed 9.4.57-150200.3.31.1
In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request body. This can result in corrupted and/or inadvertent sharing of data between requests.
- CVE-2024-6763Oct 14, 2024affected < 9.4.57-150200.3.31.1fixed 9.4.57-150200.3.31.1
Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing. The HttpURI class does insufficient validation on the authority segment of a URI. However the behaviour of HttpURI differs fro