Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    104 vulnerabilities found for jetty by eclipse

    CVE-2026-8384 (GCVE-0-2026-8384)

    Vulnerability from nvd – Published: 2026-07-14 08:56 – Updated: 2026-07-14 12:18
    VLAI
    Summary
    In Eclipse Jetty, an HTTP URI of this form: /public;/../admin/secret.txt results in an unresolved path of: /public/../admin/secret.txt instead of the expected: /admin/secret.txt Jetty itself is not affected, as it will not serve the secret.txt file because it will not pass the alias checker (only resolved resources are served). However, web applications that rely on resolved paths being provided by Jetty may be confused when receiving an unresolved path.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Foundation Eclipse Jetty Affected: 12.0.0 , ≤ 12.0.34 (semver)
    Affected: 12.1.0 , ≤ 12.1.8 (semver)
    Create a notification for this product.
    Credits
    https://github.com/jweny https://github.com/lworld0x00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-8384",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-14T12:18:08.648859Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-14T12:18:29.831Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Eclipse Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "12.0.34",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.1.8",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "https://github.com/jweny"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "https://github.com/lworld0x00"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIn Eclipse Jetty, an HTTP URI of this form:\u003c/p\u003e\n\u003cdiv\u003e\n\u003cpre\u003e\u003ccode\u003e/public;/../admin/secret.txt\u003c/code\u003e\u003c/pre\u003e\n\n\u003c/div\u003e\n\u003cp\u003eresults in an unresolved path of:\u003c/p\u003e\n\u003cdiv\u003e\n\u003cpre\u003e\u003ccode\u003e/public/../admin/secret.txt\u003c/code\u003e\u003c/pre\u003e\n\n\u003c/div\u003e\n\u003cp\u003einstead of the expected:\u003c/p\u003e\n\u003cdiv\u003e\n\u003cpre\u003e\u003ccode\u003e/admin/secret.txt\u003c/code\u003e\u003c/pre\u003e\n\n\u003c/div\u003e\n\u003cp\u003eJetty itself is not affected, as it will not serve the \u003ccode\u003esecret.txt\u003c/code\u003e file because it will not pass the alias checker (only resolved resources are served).\u003c/p\u003e\n\u003cp\u003eHowever, web applications that rely on resolved paths being provided by Jetty may be confused when receiving an unresolved path.\u003c/p\u003e"
                }
              ],
              "value": "In Eclipse Jetty, an HTTP URI of this form:\n\n\n\n\n\n/public;/../admin/secret.txt\n\n\n\n\n\n\n\n\nresults in an unresolved path of:\n\n\n\n\n\n/public/../admin/secret.txt\n\n\n\n\n\n\n\n\ninstead of the expected:\n\n\n\n\n\n/admin/secret.txt\n\n\n\n\n\n\n\n\nJetty itself is not affected, as it will not serve the secret.txt file because it will not pass the alias checker (only resolved resources are served).\n\n\n\n\nHowever, web applications that rely on resolved paths being provided by Jetty may be confused when receiving an unresolved path."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-647",
                  "description": "CWE-647",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T08:56:17.525Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "url": "https://gitlab.eclipse.org/security/cve-assignment/-/work_items/108"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2026-8384",
        "datePublished": "2026-07-14T08:56:17.525Z",
        "dateReserved": "2026-05-12T10:01:35.472Z",
        "dateUpdated": "2026-07-14T12:18:29.831Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-6790 (GCVE-0-2026-6790)

    Vulnerability from nvd – Published: 2026-07-14 08:51 – Updated: 2026-07-14 12:20
    VLAI
    Summary
    In Eclipse Jetty, for HTTP/1, HTTP/2 and HTTP/3 requests, there is no strict check that the request authority (host and port) matches what provided in the Host header (if present). This was not enforced in earlier HTTP RFC (for example, in RFC 2616), but it is in the latest RFC (9110 and 9112). This mismatch can cause a number of problems that may be classified as vulnerabilities such as: * URI constructions (for example, for redirects -- this is typical for login pages) * Virtual host selection * Reverse proxying * Misleading logs * Etc. Given that the latest RFCs require that request authority and Host header must match, Jetty should enforce this invariant.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Foundation Eclipse Jetty Affected: 9.4.0 , ≤ 9.4.60 (semver)
    Affected: 10.0.0 , ≤ 10.0.28 (semver)
    Affected: 11.0.0 , ≤ 11.0.28 (semver)
    Affected: 12.0.0 , ≤ 12.0.34 (semver)
    Affected: 12.1.0 , ≤ 12.1.8 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-6790",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-14T12:18:58.528202Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-14T12:20:35.130Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Eclipse Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "9.4.60",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.0.28",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "11.0.28",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.0.34",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.1.8",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIn Eclipse Jetty, for HTTP/1, HTTP/2 and HTTP/3 requests, there is no strict check that the request authority (host and port) matches what provided in the \u003ccode\u003eHost\u003c/code\u003e header (if present).\u003c/p\u003e\n\u003cp\u003eThis was not enforced in earlier HTTP RFC (for example, in RFC 2616), but it is in the latest RFC (9110 and 9112).\u003c/p\u003e\n\u003cp\u003eThis mismatch can cause a number of problems that may be classified as vulnerabilities such as:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n        \n      URI constructions (for example, for redirects -- this is typical for login pages)\u003c/li\u003e\n\u003cli\u003e\n        \n      Virtual host selection\u003c/li\u003e\n\u003cli\u003e\n        \n      Reverse proxying\u003c/li\u003e\n\u003cli\u003e\n        \n      Misleading logs\u003c/li\u003e\n\u003cli\u003e\n        \n      Etc.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eGiven that the latest RFCs require that request authority and \u003ccode\u003eHost\u003c/code\u003e header must match, Jetty should enforce this invariant.\u003c/p\u003e"
                }
              ],
              "value": "In Eclipse Jetty, for HTTP/1, HTTP/2 and HTTP/3 requests, there is no strict check that the request authority (host and port) matches what provided in the Host header (if present).\n\n\n\n\nThis was not enforced in earlier HTTP RFC (for example, in RFC 2616), but it is in the latest RFC (9110 and 9112).\n\n\n\n\nThis mismatch can cause a number of problems that may be classified as vulnerabilities such as:\n\n\n\n  *  \n        \n      URI constructions (for example, for redirects -- this is typical for login pages)\n\n  *  \n        \n      Virtual host selection\n\n  *  \n        \n      Reverse proxying\n\n  *  \n        \n      Misleading logs\n\n  *  \n        \n      Etc.\n\n\n\n\n\n\nGiven that the latest RFCs require that request authority and Host header must match, Jetty should enforce this invariant."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T08:51:30.527Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "url": "https://gitlab.eclipse.org/security/cve-assignment/-/work_items/99"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2026-6790",
        "datePublished": "2026-07-14T08:51:30.527Z",
        "dateReserved": "2026-04-21T13:47:52.520Z",
        "dateUpdated": "2026-07-14T12:20:35.130Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-10051 (GCVE-0-2026-10051)

    Vulnerability from nvd – Published: 2026-07-14 08:44 – Updated: 2026-07-14 12:57
    VLAI
    Summary
    In Eclipse Jetty, a first HTTP/1.1 request with trailers causes the server to retain the trailers in subsequent requests performed over the same connection. Subsequent request that do not have trailers report the trailers of the first request. Subsequent request that do have trailers report the union of trailers of the first request and the current request.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Foundation Eclipse Jetty Affected: 12.0.0 , ≤ 12.0.35 (semver)
    Affected: 12.1.0 , ≤ 12.1.9 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-10051",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-14T12:57:36.570816Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-14T12:57:50.096Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Eclipse Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "12.0.35",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.1.9",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "In Eclipse Jetty, a first HTTP/1.1 request with trailers causes the server to retain the trailers in subsequent requests performed over the same connection.\nSubsequent request that do not have trailers report the trailers of the first request.\nSubsequent request that do have trailers report the union of trailers of the first request and the current request."
                }
              ],
              "value": "In Eclipse Jetty, a first HTTP/1.1 request with trailers causes the server to retain the trailers in subsequent requests performed over the same connection.\nSubsequent request that do not have trailers report the trailers of the first request.\nSubsequent request that do have trailers report the union of trailers of the first request and the current request."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T08:44:38.233Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "url": "https://gitlab.eclipse.org/security/cve-assignment/-/work_items/119"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2026-10051",
        "datePublished": "2026-07-14T08:44:38.233Z",
        "dateReserved": "2026-05-29T07:28:48.617Z",
        "dateUpdated": "2026-07-14T12:57:50.096Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-7708 (GCVE-0-2024-7708)

    Vulnerability from nvd – Published: 2026-07-14 09:01 – Updated: 2026-07-14 12:17
    VLAI
    Summary
    For requests that have a body, but reading the body may end up in reading 0 bytes, there is a buffer leak. This is particularly the case for 100-Continue, but any request where the network is slow can leak.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Foundation Eclipse Jetty Affected: 10.0.7 , < 10.0.23 (semver)
    Affected: 11.0.7 , < 11.0.23 (semver)
    Create a notification for this product.
    Credits
    https://github.com/kimmerin https://github.com/pmneo
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7708",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-14T12:16:59.558842Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-14T12:17:11.635Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "packageName": "org.eclipse.jetty:jetty-server",
              "product": "Eclipse Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThan": "10.0.23",
                  "status": "affected",
                  "version": "10.0.7",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.0.23",
                  "status": "affected",
                  "version": "11.0.7",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "https://github.com/kimmerin"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "https://github.com/pmneo"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "For requests that have a body, but reading the body may end up in reading 0 bytes, there is a buffer leak.\nThis is particularly the case for 100-Continue, but any request where the network is slow can leak."
                }
              ],
              "value": "For requests that have a body, but reading the body may end up in reading 0 bytes, there is a buffer leak.\nThis is particularly the case for 100-Continue, but any request where the network is slow can leak."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-401",
                  "description": "CWE-401",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T09:01:53.869Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "url": "https://gitlab.eclipse.org/security/cve-assignment/-/work_items/29"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2024-7708",
        "datePublished": "2026-07-14T09:01:53.869Z",
        "dateReserved": "2024-08-12T16:15:04.741Z",
        "dateUpdated": "2026-07-14T12:17:11.635Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-2332 (GCVE-0-2026-2332)

    Vulnerability from nvd – Published: 2026-04-14 10:59 – Updated: 2026-07-15 01:18
    VLAI
    Title
    HTTP Request Smuggling via Chunked Extension Quoted-String Parsing
    Summary
    In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used, similar to the "funky chunks" techniques outlined here: * https://w4ke.info/2025/06/18/funky-chunks.html * https://w4ke.info/2025/10/29/funky-chunks-2.html Jetty terminates chunk extension parsing at \r\n inside quoted strings instead of treating this as an error. POST / HTTP/1.1 Host: localhost Transfer-Encoding: chunked 1;ext="val X 0 GET /smuggled HTTP/1.1 ... Note how the chunk extension does not close the double quotes, and it is able to inject a smuggled request.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-444 - Inconsistent interpretation of HTTP requests ('HTTP Request/Response smuggling')
    • CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Eclipse Foundation Eclipse Jetty Affected: 12.1.0 , ≤ 12.1.6 (semver)
    Affected: 12.0.0 , ≤ 12.0.32 (semver)
    Affected: 11.0.0 , ≤ 11.0.27 (semver)
    Affected: 10.0.0 , ≤ 10.0.27 (semver)
    Affected: 9.4.0 , ≤ 9.4.59 (semver)
    Create a notification for this product.
    Red Hat HawtIO HawtIO 4.4.0     cpe:/a:redhat:apache_camel_hawtio:4.4::el9
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7.13.5     cpe:/a:redhat:amq_broker:7.13
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14     cpe:/a:redhat:apache_camel_spring_boot:4.18
    Create a notification for this product.
    Red Hat Red Hat Build of Apache Camel 4.18 for Quarkus 3.33     cpe:/a:redhat:apache_camel_quarkus:3.33
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:8.2.0-19.el9_8.2 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::crb
    Create a notification for this product.
    Red Hat Red Hat Offline Knowledge Portal 1.2.7 Unaffected: 1779996999 , < * (rpm)
        cpe:/a:redhat:offline_knowledge_portal:1.2::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces 3.27 Unaffected: 1776716842 , < * (rpm)
        cpe:/a:redhat:openshift_devspaces:3.27::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces 3.27 Unaffected: 1776717247 , < * (rpm)
        cpe:/a:redhat:openshift_devspaces:3.27::el9
    Create a notification for this product.
    Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7     cpe:/a:redhat:amq_broker:7
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel 4 for Quarkus 3     cpe:/a:redhat:camel_quarkus:3
    Create a notification for this product.
    Red Hat Red Hat build of Apicurio Registry 2     cpe:/a:redhat:service_registry:2
    Create a notification for this product.
    Red Hat Red Hat build of Apicurio Registry 3     cpe:/a:redhat:apicurio_registry:3
    Create a notification for this product.
    Red Hat Red Hat build of Debezium 2     cpe:/a:redhat:debezium:2
    Create a notification for this product.
    Red Hat Red Hat build of Debezium 3     cpe:/a:redhat:debezium:3
    Create a notification for this product.
    Red Hat Red Hat Data Grid 8     cpe:/a:redhat:jboss_data_grid:8
    Create a notification for this product.
    Red Hat Red Hat Fuse 7     cpe:/a:redhat:jboss_fuse:7
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 7     cpe:/a:redhat:jboss_enterprise_application_platform:7
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8     cpe:/a:redhat:jboss_enterprise_application_platform:8
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform Expansion Pack     cpe:/a:redhat:jbosseapxp
    Create a notification for this product.
    Red Hat Red Hat JBoss Web Server 6     cpe:/a:redhat:jboss_enterprise_web_server:6
    Create a notification for this product.
    Red Hat Red Hat Process Automation 7     cpe:/a:redhat:jboss_enterprise_bpms_platform:7
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat Red Hat Single Sign-On 7     cpe:/a:redhat:red_hat_single_sign_on:7
    Create a notification for this product.
    Red Hat streams for Apache Kafka 2     cpe:/a:redhat:amq_streams:2
    Create a notification for this product.
    Red Hat streams for Apache Kafka 3     cpe:/a:redhat:amq_streams:3
    Create a notification for this product.
    Credits
    https://github.com/xclow3n
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-2332",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-14T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-15T03:58:12.322Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:apache_camel_hawtio:4.4::el9"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-http",
                "product": "HawtIO HawtIO 4.4.0",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7.13"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat AMQ Broker 7.13.5",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:apache_camel_spring_boot:4.18"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-http",
                "product": "Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:apache_camel_quarkus:3.33"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Build of Apache Camel 4.18 for Quarkus 3.33",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::crb"
                ],
                "defaultStatus": "affected",
                "packageName": "jmc",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0:8.2.0-19.el9_8.2",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://catalog.redhat.com/software/containers/",
                "cpes": [
                  "cpe:/a:redhat:offline_knowledge_portal:1.2::el9"
                ],
                "defaultStatus": "affected",
                "packageName": "offline-knowledge-portal/rhokp-rhel9",
                "product": "Red Hat Offline Knowledge Portal 1.2.7",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "1779996999",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://catalog.redhat.com/software/containers/",
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3.27::el9"
                ],
                "defaultStatus": "affected",
                "packageName": "devspaces/openvsx-rhel9",
                "product": "Red Hat OpenShift Dev Spaces 3.27",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "1776716842",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://catalog.redhat.com/software/containers/",
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3.27::el9"
                ],
                "defaultStatus": "affected",
                "packageName": "devspaces/pluginregistry-rhel9",
                "product": "Red Hat OpenShift Dev Spaces 3.27",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "1776717247",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "packageName": "jenkins",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "packageName": "ocp-tools-4/jenkins-rhel8",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "packageName": "ocp-tools-4/jenkins-rhel9",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7"
                ],
                "defaultStatus": "affected",
                "packageName": "jetty-http",
                "product": "Red Hat AMQ Broker 7",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:camel_quarkus:3"
                ],
                "defaultStatus": "affected",
                "packageName": "jetty-http",
                "product": "Red Hat build of Apache Camel 4 for Quarkus 3",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:service_registry:2"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-http",
                "product": "Red Hat build of Apicurio Registry 2",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:apicurio_registry:3"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-http",
                "product": "Red Hat build of Apicurio Registry 3",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:debezium:2"
                ],
                "defaultStatus": "unknown",
                "packageName": "jetty-http",
                "product": "Red Hat build of Debezium 2",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:debezium:3"
                ],
                "defaultStatus": "affected",
                "packageName": "jetty-http",
                "product": "Red Hat build of Debezium 3",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_data_grid:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-http",
                "product": "Red Hat Data Grid 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_fuse:7"
                ],
                "defaultStatus": "affected",
                "packageName": "jetty-http",
                "product": "Red Hat Fuse 7",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:7"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-http",
                "product": "Red Hat JBoss Enterprise Application Platform 7",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-http",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-http",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_web_server:6"
                ],
                "defaultStatus": "affected",
                "packageName": "jetty-http",
                "product": "Red Hat JBoss Web Server 6",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-http",
                "product": "Red Hat Process Automation 7",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "affected",
                "packageName": "openvox-server",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "affected",
                "packageName": "puppetserver",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "affected",
                "packageName": "satellite-capsule:el8/puppetserver",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:red_hat_single_sign_on:7"
                ],
                "defaultStatus": "affected",
                "packageName": "jetty-http",
                "product": "Red Hat Single Sign-On 7",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:amq_streams:2"
                ],
                "defaultStatus": "affected",
                "packageName": "jetty-http",
                "product": "streams for Apache Kafka 2",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "affected",
                "packageName": "jetty-http",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-14T10:59:10.193Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Eclipse Jetty. The HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used. An attacker can inject crafted requests to manipulate and trick the parser. This issue can lead to security controls bypass, cache poisoning or unauthorized endpoint access."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.4,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-444",
                    "description": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T01:18:45.256Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-2332"
              },
              {
                "name": "RHBZ#2458187",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458187"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2332.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:20568"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:25089"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14272"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22453"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:21773"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:10175"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:17668"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:20568: Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:25089: HawtIO HawtIO 4.4.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14272: Red Hat AMQ Broker 7.13.5"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22453: Red Hat Build of Apache Camel 4.18 for Quarkus 3.33"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:21773: Red Hat Offline Knowledge Portal 1.2.7"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:10175: Red Hat OpenShift Dev Spaces 3.27"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:17668: Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-04-14T12:01:05.768Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-14T10:59:10.193Z",
                "value": "Made public."
              }
            ],
            "title": "org.eclipse.jetty/jetty-http: HTTP request smuggling via chunked extension quoted-string parsing",
            "workarounds": [
              {
                "lang": "en",
                "value": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "pkg://maven/org.eclipse.jetty/jetty-http",
              "product": "Eclipse Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "12.1.6",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.0.32",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "11.0.27",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.0.27",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "9.4.59",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "https://github.com/xclow3n"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used, similar to the \"funky chunks\" techniques outlined here:\u003cbr\u003e\u003cul\u003e\u003cli\u003e\u003cspan\u003ehttps://w4ke.info/2025/06/18/funky-chunks.html\u003c/span\u003e\u003cbr\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003ehttps://w4ke.info/2025/10/29/funky-chunks-2.html\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003eJetty terminates chunk extension parsing at\u0026nbsp;\u003ccode\u003e\\r\\n\u003c/code\u003e\u0026nbsp;inside quoted strings instead of treating this as an error.\u003cbr\u003e\u003cbr\u003e\n\u003cpre\u003ePOST / HTTP/1.1\nHost: localhost\nTransfer-Encoding: chunked\n\n1;ext=\"val\nX\n0\n\nGET /smuggled HTTP/1.1\n...\n\u003c/pre\u003e\n\n\u003cdiv\u003e\u003cbr\u003eNote how the chunk extension does not close the double quotes, and it is able to inject a smuggled request.\u003cbr\u003e\u003c/div\u003e"
                }
              ],
              "value": "In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used, similar to the \"funky chunks\" techniques outlined here:\n  *  https://w4ke.info/2025/06/18/funky-chunks.html\n\n  *  https://w4ke.info/2025/10/29/funky-chunks-2.html\n\n\nJetty terminates chunk extension parsing at\u00a0\\r\\n\u00a0inside quoted strings instead of treating this as an error.\n\n\nPOST / HTTP/1.1\nHost: localhost\nTransfer-Encoding: chunked\n\n1;ext=\"val\nX\n0\n\nGET /smuggled HTTP/1.1\n...\n\n\n\n\n\nNote how the chunk extension does not close the double quotes, and it is able to inject a smuggled request."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-444",
                  "description": "CWE-444 Inconsistent interpretation of HTTP requests (\u0027HTTP Request/Response smuggling\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-14T10:59:10.193Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-355h-qmc2-wpwf"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://gitlab.eclipse.org/security/cve-assignment/-/issues/89"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "HTTP Request Smuggling via Chunked Extension Quoted-String Parsing",
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2026-2332",
        "datePublished": "2026-04-14T10:59:10.193Z",
        "dateReserved": "2026-02-11T09:56:25.879Z",
        "dateUpdated": "2026-07-15T01:18:45.256Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5795 (GCVE-0-2026-5795)

    Vulnerability from nvd – Published: 2026-04-08 13:32 – Updated: 2026-07-15 00:42
    VLAI
    Summary
    In Eclipse Jetty, the class JASPIAuthenticator initiates the authentication checks, which set two ThreadLocal variable. Upon returning from the initial checks, there are conditions that cause an early return from the JASPIAuthenticator code without clearing those ThreadLocals. A subsequent request using the same thread inherits the ThreadLocal values, leading to a broken access control and privilege escalation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-226 - Sensitive information in resource not removed before reuse
    • CWE-287 - Improper Authentication
    • CWE-226 - Sensitive Information in Resource Not Removed Before Reuse
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Foundation Eclipse Jetty Affected: 12.1.0 , ≤ 12.1.7 (semver)
    Affected: 12.0.0 , ≤ 12.0.33 (semver)
    Affected: 11.0.0 , ≤ 11.0.28 (semver)
    Affected: 10.0.0 , ≤ 10.0.28 (semver)
    Affected: 9.4.0 , ≤ 9.4.60 (semver)
    Create a notification for this product.
    Red Hat HawtIO HawtIO 4.4.0 Unaffected: ee10-servlet , < * (rpm)
    Unaffected: ee10-webapp , < * (rpm)
        cpe:/a:redhat:apache_camel_hawtio:4.4::el9
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14 Unaffected: ee10-annotations , < * (rpm)
    Unaffected: ee10-plus , < * (rpm)
    Unaffected: ee10-servlet , < * (rpm)
    Unaffected: ee10-servlets , < * (rpm)
    Unaffected: ee10-webapp , < * (rpm)
        cpe:/a:redhat:apache_camel_spring_boot:4.18
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14 Unaffected: apache-jsp , < * (rpm)
        cpe:/a:redhat:apache_camel_spring_boot:4.18
    Create a notification for this product.
    Red Hat Red Hat Offline Knowledge Portal 1.2.7 Unaffected: 1782239370 , < * (rpm)
        cpe:/a:redhat:offline_knowledge_portal:1.2::el9
    Create a notification for this product.
    Red Hat Red Hat Data Grid 8     cpe:/a:redhat:jboss_data_grid:8
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8     cpe:/a:redhat:jboss_enterprise_application_platform:8
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform Expansion Pack     cpe:/a:redhat:jbosseapxp
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces     cpe:/a:redhat:openshift_devspaces:3
    Create a notification for this product.
    Red Hat streams for Apache Kafka 3     cpe:/a:redhat:amq_streams:3
    Create a notification for this product.
    Credits
    https://github.com/HRsGIT
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5795",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-08T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-09T03:56:11.784Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:apache_camel_hawtio:4.4::el9"
                ],
                "defaultStatus": "affected",
                "packageName": "jetty",
                "product": "HawtIO HawtIO 4.4.0",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "ee10-servlet",
                    "versionType": "rpm"
                  },
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "ee10-webapp",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:apache_camel_spring_boot:4.18"
                ],
                "defaultStatus": "affected",
                "packageName": "jetty",
                "product": "Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "ee10-annotations",
                    "versionType": "rpm"
                  },
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "ee10-plus",
                    "versionType": "rpm"
                  },
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "ee10-servlet",
                    "versionType": "rpm"
                  },
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "ee10-servlets",
                    "versionType": "rpm"
                  },
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "ee10-webapp",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:apache_camel_spring_boot:4.18"
                ],
                "defaultStatus": "affected",
                "packageName": "jetty-ee10",
                "product": "Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "apache-jsp",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://catalog.redhat.com/software/containers/",
                "cpes": [
                  "cpe:/a:redhat:offline_knowledge_portal:1.2::el9"
                ],
                "defaultStatus": "affected",
                "packageName": "offline-knowledge-portal/rhokp-rhel9",
                "product": "Red Hat Offline Knowledge Portal 1.2.7",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "1782239370",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_data_grid:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-servlet",
                "product": "Red Hat Data Grid 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-annotations",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-apache-jsp",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-cdi",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-fcgi-proxy",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-glassfish-jstl",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-home",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-jaspi",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-jndi",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-jspc-maven-plugin",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-maven-plugin",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-plus",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-proxy",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-quickstart",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-servlet",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-servlets",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-webapp",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-annotations",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-apache-jsp",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-cdi",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-fcgi-proxy",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-glassfish-jstl",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-home",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-jaspi",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-jndi",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-jspc-maven-plugin",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-maven-plugin",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-plus",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-proxy",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-quickstart",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-servlet",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-servlets",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-webapp",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3"
                ],
                "defaultStatus": "unaffected",
                "packageName": "devspaces/openvsx-rhel9",
                "product": "Red Hat OpenShift Dev Spaces",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3"
                ],
                "defaultStatus": "unaffected",
                "packageName": "devspaces/pluginregistry-rhel9",
                "product": "Red Hat OpenShift Dev Spaces",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "affected",
                "packageName": "jetty-ee10-servlet",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-servlets",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-08T13:32:28.935Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Eclipse Jetty. The `JASPIAuthenticator` class is responsible for handling authentication checks. During these checks, the class sets two ThreadLocal variables to store authentication state. Under certain conditions, the authentication process can return early without properly clearing the ThreadLocal variables, allowing a subsequent request to inherit the un-cleared ThreadLocal values. This issue can cause broken access control, authentication bypass, privilege escalation and data breaches."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.4,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-226",
                    "description": "Sensitive Information in Resource Not Removed Before Reuse",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T00:42:04.200Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-5795"
              },
              {
                "name": "RHBZ#2456519",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456519"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5795.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:25089"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:28573"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:17668"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:25089: HawtIO HawtIO 4.4.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:28573: Red Hat Offline Knowledge Portal 1.2.7"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:17668: Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-04-08T14:01:02.911Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-08T13:32:28.935Z",
                "value": "Made public."
              }
            ],
            "title": "org.eclipse.jetty.ee10/jetty-ee10: early return from the JASPIAuthenticator class without clearing ThreadLocal variables",
            "workarounds": [
              {
                "lang": "en",
                "value": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Eclipse Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "12.1.7",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.0.33",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "11.0.28",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.0.28",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "9.4.60",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "https://github.com/HRsGIT"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIn Eclipse Jetty, the class \u003ccode\u003eJASPIAuthenticator\u003c/code\u003e initiates the authentication checks, which set two \u003ccode\u003eThreadLocal\u003c/code\u003e variable.\u003c/p\u003e\n\u003cp\u003eUpon returning from the initial checks, there are conditions that cause an early return from the \u003ccode\u003eJASPIAuthenticator\u003c/code\u003e code without clearing those \u003ccode\u003eThreadLocal\u003c/code\u003es.\u003c/p\u003e\n\u003cp\u003eA subsequent request using the same thread inherits the \u003ccode\u003eThreadLocal\u003c/code\u003e values, leading to a broken access control and privilege escalation.\u003c/p\u003e\n\n\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "In Eclipse Jetty, the class JASPIAuthenticator initiates the authentication checks, which set two ThreadLocal variable.\n\n\nUpon returning from the initial checks, there are conditions that cause an early return from the JASPIAuthenticator code without clearing those ThreadLocals.\n\n\nA subsequent request using the same thread inherits the ThreadLocal values, leading to a broken access control and privilege escalation."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-226",
                  "description": "CWE-226 Sensitive information in resource not removed before reuse",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "CWE-287 Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T13:32:28.935Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-r7p8-xq5m-436chttps://"
            },
            {
              "url": "https://gitlab.eclipse.org/security/cve-assignment/-/issues/92"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2026-5795",
        "datePublished": "2026-04-08T13:32:28.935Z",
        "dateReserved": "2026-04-08T13:21:06.990Z",
        "dateUpdated": "2026-07-15T00:42:04.200Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-1605 (GCVE-0-2026-1605)

    Vulnerability from nvd – Published: 2026-03-05 09:39 – Updated: 2026-07-15 01:21
    VLAI
    Summary
    In Eclipse Jetty, versions 12.0.0-12.0.31 and 12.1.0-12.0.5, class GzipHandler exposes a vulnerability when a compressed HTTP request, with Content-Encoding: gzip, is processed and the corresponding response is not compressed. This happens because the JDK Inflater is allocated for decompressing the request, but it is not released because the release mechanism is tied to the compressed response. In this case, since the response is not compressed, the release mechanism does not trigger, causing the leak.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    • CWE-401 - Missing Release of Memory after Effective Lifetime
    • CWE-772 - Missing Release of Resource after Effective Lifetime
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Foundation Eclipse Jetty Affected: 12.0.0 , ≤ 12.0.31 (semver)
    Affected: 12.1.0. , ≤ 12.1.5 (semver)
    Create a notification for this product.
    Red Hat HawtIO HawtIO 4.4.0     cpe:/a:redhat:apache_camel_hawtio:4.4::el9
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7.14.0     cpe:/a:redhat:amq_broker:7.14
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8 Unaffected: 0:2.40.0-7.redhat_00015.1.el8eap , < * (rpm)
        cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8 Unaffected: 0:801.6.1-1.GA_redhat_00001.1.el8eap , < * (rpm)
        cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8 Unaffected: 0:2.3.24-3.SP2_redhat_00001.1.el8eap , < * (rpm)
        cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8 Unaffected: 0:8.1.6-7.GA_redhat_00010.1.el8eap , < * (rpm)
        cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9 Unaffected: 0:2.40.0-7.redhat_00015.1.el9eap , < * (rpm)
        cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9 Unaffected: 0:801.6.1-1.GA_redhat_00001.1.el9eap , < * (rpm)
        cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9 Unaffected: 0:2.3.24-3.SP2_redhat_00001.1.el9eap , < * (rpm)
        cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9 Unaffected: 0:8.1.6-7.GA_redhat_00010.1.el9eap , < * (rpm)
        cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces 3.28 Unaffected: 1779528224 , < * (rpm)
        cpe:/a:redhat:openshift_devspaces:3.28::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces 3.28 Unaffected: 1779359423 , < * (rpm)
        cpe:/a:redhat:openshift_devspaces:3.28::el9
    Create a notification for this product.
    Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel for Spring Boot 4     cpe:/a:redhat:camel_spring_boot:4
    Create a notification for this product.
    Red Hat Red Hat build of Apicurio Registry 2     cpe:/a:redhat:service_registry:2
    Create a notification for this product.
    Red Hat Red Hat build of Apicurio Registry 3     cpe:/a:redhat:apicurio_registry:3
    Create a notification for this product.
    Red Hat Red Hat build of Debezium 2     cpe:/a:redhat:debezium:2
    Create a notification for this product.
    Red Hat Red Hat build of Debezium 3     cpe:/a:redhat:debezium:3
    Create a notification for this product.
    Red Hat Red Hat Data Grid 8     cpe:/a:redhat:jboss_data_grid:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat Fuse 7     cpe:/a:redhat:jboss_fuse:7
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 7     cpe:/a:redhat:jboss_enterprise_application_platform:7
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform Expansion Pack     cpe:/a:redhat:jbosseapxp
    Create a notification for this product.
    Red Hat Red Hat JBoss Web Server 6     cpe:/a:redhat:jboss_enterprise_web_server:6
    Create a notification for this product.
    Red Hat Red Hat Offline Knowledge Portal     cpe:/a:redhat:offline_knowledge_portal:1
    Create a notification for this product.
    Red Hat Red Hat Process Automation 7     cpe:/a:redhat:jboss_enterprise_bpms_platform:7
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat Red Hat Single Sign-On 7     cpe:/a:redhat:red_hat_single_sign_on:7
    Create a notification for this product.
    Red Hat streams for Apache Kafka 2     cpe:/a:redhat:amq_streams:2
    Create a notification for this product.
    Red Hat streams for Apache Kafka 3     cpe:/a:redhat:amq_streams:3
    Create a notification for this product.
    Credits
    Gleb Sizov (@glebashnik) Bjørn Christian Seime (@bjorncs)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-1605",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-05T14:46:07.126962Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-05T14:46:16.289Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:apache_camel_hawtio:4.4::el9"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "HawtIO HawtIO 4.4.0",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7.14"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat AMQ Broker 7.14.0",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"
                ],
                "defaultStatus": "affected",
                "packageName": "eap8-activemq-artemis",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0:2.40.0-7.redhat_00015.1.el8eap",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"
                ],
                "defaultStatus": "affected",
                "packageName": "eap8-eap-product-conf-parent",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0:801.6.1-1.GA_redhat_00001.1.el8eap",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"
                ],
                "defaultStatus": "affected",
                "packageName": "eap8-undertow",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0:2.3.24-3.SP2_redhat_00001.1.el8eap",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"
                ],
                "defaultStatus": "affected",
                "packageName": "eap8-wildfly",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0:8.1.6-7.GA_redhat_00010.1.el8eap",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "packageName": "eap8-activemq-artemis",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0:2.40.0-7.redhat_00015.1.el9eap",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "packageName": "eap8-eap-product-conf-parent",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0:801.6.1-1.GA_redhat_00001.1.el9eap",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "packageName": "eap8-undertow",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0:2.3.24-3.SP2_redhat_00001.1.el9eap",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "packageName": "eap8-wildfly",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0:8.1.6-7.GA_redhat_00010.1.el9eap",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://catalog.redhat.com/software/containers/",
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3.28::el9"
                ],
                "defaultStatus": "affected",
                "packageName": "devspaces/openvsx-rhel9",
                "product": "Red Hat OpenShift Dev Spaces 3.28",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "1779528224",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://catalog.redhat.com/software/containers/",
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3.28::el9"
                ],
                "defaultStatus": "affected",
                "packageName": "devspaces/pluginregistry-rhel9",
                "product": "Red Hat OpenShift Dev Spaces 3.28",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "1779359423",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "packageName": "jenkins",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "packageName": "ocp-tools-4/jenkins-rhel8",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "packageName": "ocp-tools-4/jenkins-rhel9",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:camel_spring_boot:4"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat build of Apache Camel for Spring Boot 4",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:service_registry:2"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat build of Apicurio Registry 2",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:apicurio_registry:3"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat build of Apicurio Registry 3",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:debezium:2"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat build of Debezium 2",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:debezium:3"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat build of Debezium 3",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_data_grid:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat Data Grid 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unaffected",
                "packageName": "maven-wagon",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "pki-core:10.6/resteasy",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "pki-deps:10.6/resteasy",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jmc",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "packageName": "resteasy",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_fuse:7"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat Fuse 7",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:7"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat JBoss Enterprise Application Platform 7",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_web_server:6"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat JBoss Web Server 6",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:offline_knowledge_portal:1"
                ],
                "defaultStatus": "unaffected",
                "packageName": "offline-knowledge-portal/rhokp-rhel9",
                "product": "Red Hat Offline Knowledge Portal",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat Process Automation 7",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "unaffected",
                "packageName": "puppetserver",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "unaffected",
                "packageName": "satellite-capsule:el8/puppetserver",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:red_hat_single_sign_on:7"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat Single Sign-On 7",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:amq_streams:2"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "streams for Apache Kafka 2",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-03-05T09:39:01.315Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in org.eclipse.jetty. A remote attacker can exploit this vulnerability by sending a compressed HTTP request with Content-Encoding: gzip when the server\u0027s response is not compressed. This prevents the release of the JDK Inflater, leading to a resource leak. This resource exhaustion can result in a Denial of Service (DoS), making the server unavailable to legitimate users."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-772",
                    "description": "Missing Release of Resource after Effective Lifetime",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T01:21:22.651Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-1605"
              },
              {
                "name": "RHBZ#2444815",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444815"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1605.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:25125"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:25089"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:8509"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:25126"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:21772"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:25125: Red Hat JBoss EAP 8.1 for RHEL 8, Red Hat JBoss EAP 8.1 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:25089: HawtIO HawtIO 4.4.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:8509: Red Hat AMQ Broker 7.14.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:25126: Red Hat JBoss Enterprise Application Platform 8.1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:21772: Red Hat OpenShift Dev Spaces 3.28"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-03-05T11:00:57.250Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-03-05T09:39:01.315Z",
                "value": "Made public."
              }
            ],
            "title": "org.eclipse.jetty/jetty-server: Eclipse Jetty: Denial of Service due to unreleased JDK Inflater from compressed HTTP requests",
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Eclipse Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "12.0.31",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.1.5",
                  "status": "affected",
                  "version": "12.1.0.",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Gleb Sizov (@glebashnik)"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Bj\u00f8rn Christian Seime (@bjorncs)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIn Eclipse Jetty, versions 12.0.0-12.0.31 and 12.1.0-12.0.5, class \u003ccode\u003eGzipHandler\u003c/code\u003e exposes a vulnerability when a compressed HTTP request, with \u003ccode\u003eContent-Encoding: gzip\u003c/code\u003e, is processed and the corresponding response is not compressed.\u003c/p\u003e\n\u003cp\u003eThis happens because the JDK \u003ccode\u003eInflater\u003c/code\u003e is allocated for decompressing the request, but it is not released because the release mechanism is tied to the compressed response.\nIn this case, since the response is not compressed, the release mechanism does not trigger, causing the leak.\u003c/p\u003e"
                }
              ],
              "value": "In Eclipse Jetty, versions 12.0.0-12.0.31 and 12.1.0-12.0.5, class GzipHandler exposes a vulnerability when a compressed HTTP request, with Content-Encoding: gzip, is processed and the corresponding response is not compressed.\n\n\nThis happens because the JDK Inflater is allocated for decompressing the request, but it is not released because the release mechanism is tied to the compressed response.\nIn this case, since the response is not compressed, the release mechanism does not trigger, causing the leak."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-401",
                  "description": "CWE-401 Missing Release of Memory after Effective Lifetime",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-05T09:39:01.315Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-xxh7-fcf3-rj7f"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2026-1605",
        "datePublished": "2026-03-05T09:39:01.315Z",
        "dateReserved": "2026-01-29T10:58:31.963Z",
        "dateUpdated": "2026-07-15T01:21:22.651Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-11143 (GCVE-0-2025-11143)

    Vulnerability from nvd – Published: 2026-03-05 09:26 – Updated: 2026-03-05 14:48
    VLAI
    Summary
    The Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs. Differential parsing of URIs in systems using multiple components may result in security by-pass. For example a component that enforces a black list may interpret the URIs differently from one that generates a response. At the very least, differential parsing may divulge implementation details.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Foundation Eclipse Jetty Affected: 9.4.0 , ≤ 9.4.58 (semver)
    Affected: 10.0.0 , ≤ 10.0.26 (semver)
    Affected: 11.0.0 , ≤ 11.0.26 (semver)
    Affected: 12.0.0 , ≤ 12.0.30 (semver)
    Affected: 12.1.0 , ≤ 12.1.4 (semver)
    Create a notification for this product.
    Credits
    zer0yu
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-11143",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-05T14:48:27.345884Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-05T14:48:41.622Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Eclipse Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "9.4.58",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.0.26",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "11.0.26",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.0.30",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.1.4",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "zer0yu"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDifferential parsing of URIs in systems using multiple components may result in security by-pass. For example a component that enforces a black list may interpret the URIs differently from one that generates a response.\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAt the very least, differential parsing may divulge implementation details.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "The Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs.\u00a0Differential parsing of URIs in systems using multiple components may result in security by-pass. For example a component that enforces a black list may interpret the URIs differently from one that generates a response.\u00a0At the very least, differential parsing may divulge implementation details."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-05T09:26:59.830Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-wjpw-4j6x-6rwh"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2025-11143",
        "datePublished": "2026-03-05T09:26:59.830Z",
        "dateReserved": "2025-09-29T05:08:52.530Z",
        "dateUpdated": "2026-03-05T14:48:41.622Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-5115 (GCVE-0-2025-5115)

    Vulnerability from nvd – Published: 2025-08-20 19:07 – Updated: 2025-11-04 21:11
    VLAI
    Title
    MadeYouReset HTTP/2 vulnerability
    Summary
    In Eclipse Jetty, versions <=9.4.57, <=10.0.25, <=11.0.25, <=12.0.21, <=12.1.0.alpha2, an HTTP/2 client may trigger the server to send RST_STREAM frames, for example by sending frames that are malformed or that should not be sent in a particular stream state, therefore forcing the server to consume resources such as CPU and memory. For example, a client can open a stream and then send WINDOW_UPDATE frames with window size increment of 0, which is illegal. Per specification https://www.rfc-editor.org/rfc/rfc9113.html#name-window_update , the server should send a RST_STREAM frame. The client can now open another stream and send another bad WINDOW_UPDATE, therefore causing the server to consume more resources than necessary, as this case does not exceed the max number of concurrent streams, yet the client is able to create an enormous amount of streams in a short period of time. The attack can be performed with other conditions (for example, a DATA frame for a closed stream) that cause the server to send a RST_STREAM frame. Links: * https://github.com/jetty/jetty.project/security/advisories/GHSA-mmxm-8w33-wc4h
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Jetty Eclipse Jetty Affected: >=9.3.0 , ≤ <=9.4.57 (semver)
    Affected: >=10.0.0 , ≤ <=10.0.25 (semver)
    Affected: >=11.0.0 , ≤ <=11.0.25 (semver)
    Affected: >=12.0.0 , ≤ <=12.0.21 (semver)
    Affected: >=12.1.0.alpha0 , ≤ <=12.1.0.alpha2 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-5115",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-20T19:28:04.700843Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-20T19:28:12.942Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T21:11:37.182Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00014.html"
              },
              {
                "url": "https://www.kb.cert.org/vuls/id/767506"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2025/09/17/1"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2025/08/20/4"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "pkg:maven/org.eclipse.jetty.http2/http2-common",
              "product": "Eclipse Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Jetty",
              "versions": [
                {
                  "lessThanOrEqual": "\u003c=9.4.57",
                  "status": "affected",
                  "version": "\u003e=9.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "\u003c=10.0.25",
                  "status": "affected",
                  "version": "\u003e=10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "\u003c=11.0.25",
                  "status": "affected",
                  "version": "\u003e=11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "\u003c=12.0.21",
                  "status": "affected",
                  "version": "\u003e=12.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "\u003c=12.1.0.alpha2",
                  "status": "affected",
                  "version": "\u003e=12.1.0.alpha0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003eIn Eclipse Jetty, versions \u0026lt;=9.4.57, \u0026lt;=10.0.25, \u0026lt;=11.0.25, \u0026lt;=12.0.21, \u0026lt;=12.1.0.alpha2, an HTTP/2 client may trigger the server to send RST_STREAM frames, for example by sending frames that are malformed or that should not be sent in a particular stream state, therefore forcing the server to consume resources such as CPU and memory.\u003c/p\u003e\n\u003cp\u003eFor example, a client can open a stream and then send WINDOW_UPDATE frames with window size increment of 0, which is illegal.\nPer specification\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.rfc-editor.org/rfc/rfc9113.html#name-window_update\"\u003e\u003c/a\u003e, the server should send a RST_STREAM frame.\nThe client can now open another stream and send another bad WINDOW_UPDATE, therefore causing the server to consume more resources than necessary, as this case does not exceed the max number of concurrent streams, yet the client is able to create an enormous amount of streams in a short period of time.\u003c/p\u003e\n\u003cp\u003eThe attack can be performed with other conditions (for example, a DATA frame for a closed stream) that cause the server to send a RST_STREAM frame.\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eLinks:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/jetty/jetty.project/security/advisories/GHSA-mmxm-8w33-wc4h\"\u003ehttps://github.com/jetty/jetty.project/security/advisories/GHSA-mmxm-8w33-wc4h\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "In Eclipse Jetty, versions \u003c=9.4.57, \u003c=10.0.25, \u003c=11.0.25, \u003c=12.0.21, \u003c=12.1.0.alpha2, an HTTP/2 client may trigger the server to send RST_STREAM frames, for example by sending frames that are malformed or that should not be sent in a particular stream state, therefore forcing the server to consume resources such as CPU and memory.\n\n\nFor example, a client can open a stream and then send WINDOW_UPDATE frames with window size increment of 0, which is illegal.\nPer specification  https://www.rfc-editor.org/rfc/rfc9113.html#name-window_update , the server should send a RST_STREAM frame.\nThe client can now open another stream and send another bad WINDOW_UPDATE, therefore causing the server to consume more resources than necessary, as this case does not exceed the max number of concurrent streams, yet the client is able to create an enormous amount of streams in a short period of time.\n\n\nThe attack can be performed with other conditions (for example, a DATA frame for a closed stream) that cause the server to send a RST_STREAM frame.\n\n\n\nLinks:\n\n\n\n  *   https://github.com/jetty/jetty.project/security/advisories/GHSA-mmxm-8w33-wc4h"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 7.7,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-21T10:36:49.477Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-mmxm-8w33-wc4h"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/jetty/jetty.project/pull/13449"
            },
            {
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/jetty/jetty.project/releases/tag/jetty-12.1.0"
            },
            {
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/jetty/jetty.project/releases/tag/jetty-12.0.25"
            },
            {
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/jetty/jetty.project/releases/tag/jetty-11.0.26"
            },
            {
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/jetty/jetty.project/releases/tag/jetty-10.0.26"
            },
            {
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/jetty/jetty.project/releases/tag/jetty-9.4.58.v20250814"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "MadeYouReset HTTP/2 vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2025-5115",
        "datePublished": "2025-08-20T19:07:11.546Z",
        "dateReserved": "2025-05-23T08:55:59.861Z",
        "dateUpdated": "2025-11-04T21:11:37.182Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-1948 (GCVE-0-2025-1948)

    Vulnerability from nvd – Published: 2025-05-08 17:48 – Updated: 2025-05-08 18:31
    VLAI
    Title
    Eclipse Jetty HTTP clients can increase memory allocation
    Summary
    In Eclipse Jetty versions 12.0.0 to 12.0.16 included, an HTTP/2 client can specify a very large value for the HTTP/2 settings parameter SETTINGS_MAX_HEADER_LIST_SIZE. The Jetty HTTP/2 server does not perform validation on this setting, and tries to allocate a ByteBuffer of the specified capacity to encode HTTP responses, likely resulting in OutOfMemoryError being thrown, or even the JVM process exiting.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Foundation Jetty Affected: 12.0.0 , ≤ 12.0.16 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-1948",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T18:31:29.735282Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-08T18:31:44.196Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Jetty",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "12.0.16",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "In Eclipse Jetty versions 12.0.0 to 12.0.16 included, an HTTP/2 client can specify a very large value for the HTTP/2 settings parameter SETTINGS_MAX_HEADER_LIST_SIZE.\nThe Jetty HTTP/2 server does not perform validation on this setting, and tries to allocate a ByteBuffer of the specified capacity to encode HTTP responses, likely resulting in OutOfMemoryError being thrown, or even the JVM process exiting."
                }
              ],
              "value": "In Eclipse Jetty versions 12.0.0 to 12.0.16 included, an HTTP/2 client can specify a very large value for the HTTP/2 settings parameter SETTINGS_MAX_HEADER_LIST_SIZE.\nThe Jetty HTTP/2 server does not perform validation on this setting, and tries to allocate a ByteBuffer of the specified capacity to encode HTTP responses, likely resulting in OutOfMemoryError being thrown, or even the JVM process exiting."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-08T17:48:40.831Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/56"
            },
            {
              "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-889j-63jv-qhr8"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Eclipse Jetty HTTP clients can increase memory allocation",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2025-1948",
        "datePublished": "2025-05-08T17:48:40.831Z",
        "dateReserved": "2025-03-04T13:55:56.722Z",
        "dateUpdated": "2025-05-08T18:31:44.196Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-13009 (GCVE-0-2024-13009)

    Vulnerability from nvd – Published: 2025-05-08 17:29 – Updated: 2025-05-08 18:56 Unsupported When Assigned
    VLAI
    Title
    Eclipse Jetty GZIP buffer release
    Summary
    In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request body. This can result in corrupted and/or inadvertent sharing of data between requests.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-404 - Improper Resource Shutdown or Release
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Foundation Jetty Affected: 9.4.0 , ≤ 9.4.56 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-13009",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T18:55:32.278977Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-08T18:56:39.446Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Jetty",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "9.4.56",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request\nbody. This can result in corrupted and/or inadvertent sharing of data between requests."
                }
              ],
              "value": "In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request\nbody. This can result in corrupted and/or inadvertent sharing of data between requests."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "CWE-404 Improper Resource Shutdown or Release",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-08T17:29:31.380Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/48"
            },
            {
              "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-q4rv-gq96-w7c5"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "tags": [
            "unsupported-when-assigned"
          ],
          "title": "Eclipse Jetty GZIP buffer release",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2024-13009",
        "datePublished": "2025-05-08T17:29:31.380Z",
        "dateReserved": "2024-12-28T09:11:12.587Z",
        "dateUpdated": "2025-05-08T18:56:39.446Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-8184 (GCVE-0-2024-8184)

    Vulnerability from nvd – Published: 2024-10-14 15:09 – Updated: 2025-11-03 19:34
    VLAI
    Title
    Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks
    Summary
    There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Foundation Jetty Affected: 9.3.12 , ≤ 9.4.55 (semver)
    Affected: 10.0.0 , ≤ 10.0.23 (semver)
    Affected: 11.0.0 , ≤ 11.0.23 (semver)
    Affected: 12.0.0 , ≤ 12.0.8 (semver)
    Create a notification for this product.
    Date Public
    2024-10-14 03:00
    Credits
    https://github.com/HRsGIT
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-8184",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-15T17:41:50.744158Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-15T17:42:01.168Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T19:34:56.811Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00001.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2/",
              "defaultStatus": "unaffected",
              "modules": [
                "jetty-server"
              ],
              "packageName": "org.eclipse.jetty:jetty-server",
              "product": "Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "9.4.55",
                  "status": "affected",
                  "version": "9.3.12",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.0.23",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "11.0.23",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.0.8",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "https://github.com/HRsGIT"
            }
          ],
          "datePublic": "2024-10-14T03:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "There exists a security vulnerability in Jetty\u0027s \u003ccode\u003eThreadLimitHandler.getRemote()\u003c/code\u003e which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack.  By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory.\u003cbr\u003e"
                }
              ],
              "value": "There exists a security vulnerability in Jetty\u0027s ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack.  By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-14T15:30:02.698Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq"
            },
            {
              "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30"
            },
            {
              "url": "https://github.com/jetty/jetty.project/pull/11723"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Do not use \u003ccode\u003eThreadLimitHandler\u003c/code\u003e.\u003cbr\u003e\nConsider use of \u003ccode\u003eQoSHandler\u003c/code\u003e instead to artificially limit resource utilization.\u003cbr\u003e"
                }
              ],
              "value": "Do not use ThreadLimitHandler.\n\nConsider use of QoSHandler instead to artificially limit resource utilization."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2024-8184",
        "datePublished": "2024-10-14T15:09:37.861Z",
        "dateReserved": "2024-08-26T15:58:44.006Z",
        "dateUpdated": "2025-11-03T19:34:56.811Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-6763 (GCVE-0-2024-6763)

    Vulnerability from nvd – Published: 2024-10-14 15:06 – Updated: 2025-03-07 00:10
    VLAI
    Title
    Jetty URI parsing of invalid authority
    Summary
    Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing. The HttpURI class does insufficient validation on the authority segment of a URI. However the behaviour of HttpURI differs from the common browsers in how it handles a URI that would be considered invalid if fully validated against the RRC. Specifically HttpURI and the browser may differ on the value of the host extracted from an invalid URI and thus a combination of Jetty and a vulnerable browser may be vulnerable to a open redirect attack or to a SSRF attack if the URI is used after passing validation checks.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Foundation Jetty Affected: 7.0.0 , ≤ 12.0.11 (semver)
    Create a notification for this product.
    eclipse jetty Affected: 7.0.0 , ≤ 12.0.11 (semver)
        cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-10-14 15:00
    Credits
    https://github.com/zer0yu
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "jetty",
                "vendor": "eclipse",
                "versions": [
                  {
                    "lessThanOrEqual": "12.0.11",
                    "status": "affected",
                    "version": "7.0.0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-6763",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-15T17:44:14.448650Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-15T17:45:35.771Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-03-07T00:10:46.301Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://security.netapp.com/advisory/ntap-20250306-0005/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2/",
              "defaultStatus": "unaffected",
              "modules": [
                "jetty-http"
              ],
              "packageName": "org.eclipse.jetty:jetty-http",
              "product": "Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "12.0.11",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "https://github.com/zer0yu"
            }
          ],
          "datePublic": "2024-10-14T15:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eEclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, \u003ccode\u003eHttpURI\u003c/code\u003e, for URI/URL parsing.\u003c/p\u003e\u003cp\u003eThe \u003ccode\u003eHttpURI\u003c/code\u003e class does insufficient validation on the authority segment of a URI.  However the behaviour of \u003ccode\u003eHttpURI\u003c/code\u003e\n differs from the common browsers in how it handles a URI that would be \nconsidered invalid if fully validated against the RRC.  Specifically \u003ccode\u003eHttpURI\u003c/code\u003e\n and the browser may differ on the value of the host extracted from an \ninvalid URI and thus a combination of Jetty and a vulnerable browser may\n be vulnerable to a open redirect attack or to a SSRF attack if the URI \nis used after passing validation checks.\u003c/p\u003e"
                }
              ],
              "value": "Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing.\n\nThe HttpURI class does insufficient validation on the authority segment of a URI.  However the behaviour of HttpURI\n differs from the common browsers in how it handles a URI that would be \nconsidered invalid if fully validated against the RRC.  Specifically HttpURI\n and the browser may differ on the value of the host extracted from an \ninvalid URI and thus a combination of Jetty and a vulnerable browser may\n be vulnerable to a open redirect attack or to a SSRF attack if the URI \nis used after passing validation checks."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1286",
                  "description": "CWE-1286",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-14T15:30:38.815Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-qh8g-58pp-2wxh"
            },
            {
              "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/25"
            },
            {
              "url": "https://github.com/jetty/jetty.project/pull/12012"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Jetty URI parsing of invalid authority",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThe attacks outlined above rely on decoded user data being passed to the \u003ccode\u003eHttpURI\u003c/code\u003e class. Application should not pass decoded user data as an encoded URI to any URI class/method, including \u003ccode\u003eHttpURI\u003c/code\u003e.  Such applications are likely to be vulnerable in other ways.\u003cbr\u003e\nThe immediate solution is to upgrade to a version of the class that will\n fully validate the characters of the URI authority.  Ultimately, Jetty \nwill deprecate and remove support for user info in the authority per \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://datatracker.ietf.org/doc/html/rfc9110#section-4.2.4\"\u003eRFC9110 Section 4.2.4\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eNote that the Chrome (and other browsers) parse the \ninvalid user info section improperly as well (due to flawed WhatWG URL \nparsing rules that do not apply outside of a Web Browser).\u003c/p\u003e"
                }
              ],
              "value": "The attacks outlined above rely on decoded user data being passed to the HttpURI class. Application should not pass decoded user data as an encoded URI to any URI class/method, including HttpURI.  Such applications are likely to be vulnerable in other ways.\n\nThe immediate solution is to upgrade to a version of the class that will\n fully validate the characters of the URI authority.  Ultimately, Jetty \nwill deprecate and remove support for user info in the authority per  RFC9110 Section 4.2.4 https://datatracker.ietf.org/doc/html/rfc9110#section-4.2.4 .\n\n\nNote that the Chrome (and other browsers) parse the \ninvalid user info section improperly as well (due to flawed WhatWG URL \nparsing rules that do not apply outside of a Web Browser)."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2024-6763",
        "datePublished": "2024-10-14T15:06:07.298Z",
        "dateReserved": "2024-07-15T17:37:53.605Z",
        "dateUpdated": "2025-03-07T00:10:46.301Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-6762 (GCVE-0-2024-6762)

    Vulnerability from nvd – Published: 2024-10-14 15:07 – Updated: 2025-11-03 19:34
    VLAI
    Title
    Jetty PushSessionCacheFilter can cause remote DoS attacks
    Summary
    Jetty PushSessionCacheFilter can be exploited by unauthenticated users to launch remote DoS attacks by exhausting the server’s memory.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Foundation Jetty Affected: 10.0.0 , ≤ 10.0.17 (semver)
    Affected: 11.0.0 , ≤ 11.0.17 (semver)
    Affected: 12.0.0 , ≤ 12.0.3 (semver)
    Create a notification for this product.
    Date Public
    2024-10-14 15:00
    Credits
    Lian Kee
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-6762",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-15T17:42:42.629742Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-15T17:42:50.434Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T19:34:37.967Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00001.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2/",
              "defaultStatus": "unaffected",
              "modules": [
                "jetty-servlets"
              ],
              "packageName": "org.eclipse.jetty:jetty-servlets",
              "product": "Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "10.0.17",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "11.0.17",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.0.3",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Lian Kee"
            }
          ],
          "datePublic": "2024-10-14T15:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003eJetty PushSessionCacheFilter can be exploited by unauthenticated users \nto launch remote DoS attacks by exhausting the server\u2019s memory.\u003c/div\u003e\u003cbr\u003e"
                }
              ],
              "value": "Jetty PushSessionCacheFilter can be exploited by unauthenticated users \nto launch remote DoS attacks by exhausting the server\u2019s memory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 3.1,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-14T15:07:10.942Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-r7m4-f9h5-gr79"
            },
            {
              "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/24"
            },
            {
              "url": "https://github.com/jetty/jetty.project/pull/9715"
            },
            {
              "url": "https://github.com/jetty/jetty.project/pull/9716"
            },
            {
              "url": "https://github.com/jetty/jetty.project/pull/10756"
            },
            {
              "url": "https://github.com/jetty/jetty.project/pull/10755"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Jetty  PushSessionCacheFilter can cause remote DoS attacks",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThe session usage is intrinsic to the design of the PushCacheFilter.  The issue can be avoided by:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003enot using the PushCacheFilter.  Push has been deprecated by the \nvarious IETF specs and early hints responses should be used instead.\u003c/li\u003e\n\u003cli\u003ereducing the reducing the idle timeout on unauthenticated sessions will reduce the time such session stay in memory.\u003c/li\u003e\n\u003cli\u003econfiguring a session cache to use \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://jetty.org/docs/jetty/12/programming-guide/server/session.html\"\u003esession passivation\u003c/a\u003e,\n so that sessions are not stored in memory, but rather in a database or \nfile system that may have significantly more capacity than memory.\u003c/li\u003e\n\u003c/ul\u003e"
                }
              ],
              "value": "The session usage is intrinsic to the design of the PushCacheFilter.  The issue can be avoided by:\n\n\n\n  *  not using the PushCacheFilter.  Push has been deprecated by the \nvarious IETF specs and early hints responses should be used instead.\n\n  *  reducing the reducing the idle timeout on unauthenticated sessions will reduce the time such session stay in memory.\n\n  *  configuring a session cache to use  session passivation https://jetty.org/docs/jetty/12/programming-guide/server/session.html ,\n so that sessions are not stored in memory, but rather in a database or \nfile system that may have significantly more capacity than memory."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2024-6762",
        "datePublished": "2024-10-14T15:07:10.942Z",
        "dateReserved": "2024-07-15T17:35:50.791Z",
        "dateUpdated": "2025-11-03T19:34:37.967Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-9823 (GCVE-0-2024-9823)

    Vulnerability from nvd – Published: 2024-10-14 15:03 – Updated: 2025-11-03 19:35
    VLAI
    Title
    Jetty DOS vulnerability on DosFilter
    Summary
    There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory finally.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Foundation Jetty Affected: 9.0.0 , < 9.4.54 (semvar)
    Affected: 10.0.0 , < 10.0.18 (semvar)
    Affected: 11.0.0 , < 11.0.18 (semver)
    Create a notification for this product.
    Eclipse Jetty Jetty Affected: 12.0.0 , < 12.0.3 (semvar)
    Create a notification for this product.
    Eclipse Jetty Jetty Affected: 12.0.0 , < 12.0.3 (semver)
    Create a notification for this product.
    eclipse jetty Affected: 9.0.0 , < 9.4.54 (semver)
    Affected: 10.0.0 , < 10.0.18 (semver)
    Affected: 11.0.0 , < 11.0.18 (semver)
    Affected: 12.0.0 , < 12.0.3 (semver)
        cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-10-14 15:00
    Credits
    Lian Kee
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "jetty",
                "vendor": "eclipse",
                "versions": [
                  {
                    "lessThan": "9.4.54",
                    "status": "affected",
                    "version": "9.0.0",
                    "versionType": "semver"
                  },
                  {
                    "lessThan": "10.0.18",
                    "status": "affected",
                    "version": "10.0.0",
                    "versionType": "semver"
                  },
                  {
                    "lessThan": "11.0.18",
                    "status": "affected",
                    "version": "11.0.0",
                    "versionType": "semver"
                  },
                  {
                    "lessThan": "12.0.3",
                    "status": "affected",
                    "version": "12.0.0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-9823",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-15T17:46:11.062398Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-15T17:49:38.804Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T19:35:02.369Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://security.netapp.com/advisory/ntap-20250306-0006/"
              },
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00001.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2/",
              "defaultStatus": "unaffected",
              "modules": [
                "jetty-servlets"
              ],
              "packageName": "org.eclipse.jetty:jetty-servlets",
              "product": "Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThan": "9.4.54",
                  "status": "affected",
                  "version": "9.0.0",
                  "versionType": "semvar"
                },
                {
                  "lessThan": "10.0.18",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "semvar"
                },
                {
                  "lessThan": "11.0.18",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2/",
              "defaultStatus": "unaffected",
              "modules": [
                "jetty-ee8-servlets"
              ],
              "packageName": "org.eclipse.jetty.ee8:jetty-ee8-servlets",
              "product": "Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Jetty",
              "versions": [
                {
                  "lessThan": "12.0.3",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semvar"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2/",
              "defaultStatus": "unaffected",
              "modules": [
                "jetty-ee9-servlets"
              ],
              "packageName": "org.eclipse.jetty.ee8:jetty-ee9-servlets",
              "product": "Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Jetty",
              "versions": [
                {
                  "lessThan": "12.0.3",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2/",
              "defaultStatus": "unaffected",
              "modules": [
                "jetty-ee10-servlets"
              ],
              "packageName": "org.eclipse.jetty.ee8:jetty-ee10-servlets",
              "product": "Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Jetty",
              "versions": [
                {
                  "lessThan": "12.0.3",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semvar"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Lian Kee"
            }
          ],
          "datePublic": "2024-10-14T15:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "There exists a security vulnerability in Jetty\u0027s DosFilter which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory finally.\u003cbr\u003e"
                }
              ],
              "value": "There exists a security vulnerability in Jetty\u0027s DosFilter which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory finally."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-14T15:29:14.390Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-7hcf-ppf8-5w5h"
            },
            {
              "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/39"
            },
            {
              "url": "https://github.com/jetty/jetty.project/issues/1256"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Jetty DOS vulnerability on DosFilter",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The \u003ccode\u003eDoSFilter\u003c/code\u003e can be configured to not use sessions for tracking usage by setting the \u003ccode\u003etrackSessions\u003c/code\u003e init parameter to \u003ccode\u003efalse\u003c/code\u003e.  This will then use only the IP tracking mechanism, which is not vulnerable.\u003cbr\u003e\nSessions can also be configured to have aggressive passivation or inactivation limits.\u003cbr\u003e"
                }
              ],
              "value": "The DoSFilter can be configured to not use sessions for tracking usage by setting the trackSessions init parameter to false.  This will then use only the IP tracking mechanism, which is not vulnerable.\n\nSessions can also be configured to have aggressive passivation or inactivation limits."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2024-9823",
        "datePublished": "2024-10-14T15:03:02.293Z",
        "dateReserved": "2024-10-10T15:56:32.744Z",
        "dateUpdated": "2025-11-03T19:35:02.369Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-7708 (GCVE-0-2024-7708)

    Vulnerability from cvelistv5 – Published: 2026-07-14 09:01 – Updated: 2026-07-14 12:17
    VLAI
    Summary
    For requests that have a body, but reading the body may end up in reading 0 bytes, there is a buffer leak. This is particularly the case for 100-Continue, but any request where the network is slow can leak.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Foundation Eclipse Jetty Affected: 10.0.7 , < 10.0.23 (semver)
    Affected: 11.0.7 , < 11.0.23 (semver)
    Create a notification for this product.
    Credits
    https://github.com/kimmerin https://github.com/pmneo
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7708",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-14T12:16:59.558842Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-14T12:17:11.635Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "packageName": "org.eclipse.jetty:jetty-server",
              "product": "Eclipse Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThan": "10.0.23",
                  "status": "affected",
                  "version": "10.0.7",
                  "versionType": "semver"
                },
                {
                  "lessThan": "11.0.23",
                  "status": "affected",
                  "version": "11.0.7",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "https://github.com/kimmerin"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "https://github.com/pmneo"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "For requests that have a body, but reading the body may end up in reading 0 bytes, there is a buffer leak.\nThis is particularly the case for 100-Continue, but any request where the network is slow can leak."
                }
              ],
              "value": "For requests that have a body, but reading the body may end up in reading 0 bytes, there is a buffer leak.\nThis is particularly the case for 100-Continue, but any request where the network is slow can leak."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-401",
                  "description": "CWE-401",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T09:01:53.869Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "url": "https://gitlab.eclipse.org/security/cve-assignment/-/work_items/29"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2024-7708",
        "datePublished": "2026-07-14T09:01:53.869Z",
        "dateReserved": "2024-08-12T16:15:04.741Z",
        "dateUpdated": "2026-07-14T12:17:11.635Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-8384 (GCVE-0-2026-8384)

    Vulnerability from cvelistv5 – Published: 2026-07-14 08:56 – Updated: 2026-07-14 12:18
    VLAI
    Summary
    In Eclipse Jetty, an HTTP URI of this form: /public;/../admin/secret.txt results in an unresolved path of: /public/../admin/secret.txt instead of the expected: /admin/secret.txt Jetty itself is not affected, as it will not serve the secret.txt file because it will not pass the alias checker (only resolved resources are served). However, web applications that rely on resolved paths being provided by Jetty may be confused when receiving an unresolved path.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Foundation Eclipse Jetty Affected: 12.0.0 , ≤ 12.0.34 (semver)
    Affected: 12.1.0 , ≤ 12.1.8 (semver)
    Create a notification for this product.
    Credits
    https://github.com/jweny https://github.com/lworld0x00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-8384",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-14T12:18:08.648859Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-14T12:18:29.831Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Eclipse Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "12.0.34",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.1.8",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "https://github.com/jweny"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "https://github.com/lworld0x00"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIn Eclipse Jetty, an HTTP URI of this form:\u003c/p\u003e\n\u003cdiv\u003e\n\u003cpre\u003e\u003ccode\u003e/public;/../admin/secret.txt\u003c/code\u003e\u003c/pre\u003e\n\n\u003c/div\u003e\n\u003cp\u003eresults in an unresolved path of:\u003c/p\u003e\n\u003cdiv\u003e\n\u003cpre\u003e\u003ccode\u003e/public/../admin/secret.txt\u003c/code\u003e\u003c/pre\u003e\n\n\u003c/div\u003e\n\u003cp\u003einstead of the expected:\u003c/p\u003e\n\u003cdiv\u003e\n\u003cpre\u003e\u003ccode\u003e/admin/secret.txt\u003c/code\u003e\u003c/pre\u003e\n\n\u003c/div\u003e\n\u003cp\u003eJetty itself is not affected, as it will not serve the \u003ccode\u003esecret.txt\u003c/code\u003e file because it will not pass the alias checker (only resolved resources are served).\u003c/p\u003e\n\u003cp\u003eHowever, web applications that rely on resolved paths being provided by Jetty may be confused when receiving an unresolved path.\u003c/p\u003e"
                }
              ],
              "value": "In Eclipse Jetty, an HTTP URI of this form:\n\n\n\n\n\n/public;/../admin/secret.txt\n\n\n\n\n\n\n\n\nresults in an unresolved path of:\n\n\n\n\n\n/public/../admin/secret.txt\n\n\n\n\n\n\n\n\ninstead of the expected:\n\n\n\n\n\n/admin/secret.txt\n\n\n\n\n\n\n\n\nJetty itself is not affected, as it will not serve the secret.txt file because it will not pass the alias checker (only resolved resources are served).\n\n\n\n\nHowever, web applications that rely on resolved paths being provided by Jetty may be confused when receiving an unresolved path."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-647",
                  "description": "CWE-647",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T08:56:17.525Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "url": "https://gitlab.eclipse.org/security/cve-assignment/-/work_items/108"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2026-8384",
        "datePublished": "2026-07-14T08:56:17.525Z",
        "dateReserved": "2026-05-12T10:01:35.472Z",
        "dateUpdated": "2026-07-14T12:18:29.831Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-6790 (GCVE-0-2026-6790)

    Vulnerability from cvelistv5 – Published: 2026-07-14 08:51 – Updated: 2026-07-14 12:20
    VLAI
    Summary
    In Eclipse Jetty, for HTTP/1, HTTP/2 and HTTP/3 requests, there is no strict check that the request authority (host and port) matches what provided in the Host header (if present). This was not enforced in earlier HTTP RFC (for example, in RFC 2616), but it is in the latest RFC (9110 and 9112). This mismatch can cause a number of problems that may be classified as vulnerabilities such as: * URI constructions (for example, for redirects -- this is typical for login pages) * Virtual host selection * Reverse proxying * Misleading logs * Etc. Given that the latest RFCs require that request authority and Host header must match, Jetty should enforce this invariant.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Foundation Eclipse Jetty Affected: 9.4.0 , ≤ 9.4.60 (semver)
    Affected: 10.0.0 , ≤ 10.0.28 (semver)
    Affected: 11.0.0 , ≤ 11.0.28 (semver)
    Affected: 12.0.0 , ≤ 12.0.34 (semver)
    Affected: 12.1.0 , ≤ 12.1.8 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-6790",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-14T12:18:58.528202Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-14T12:20:35.130Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Eclipse Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "9.4.60",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.0.28",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "11.0.28",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.0.34",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.1.8",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIn Eclipse Jetty, for HTTP/1, HTTP/2 and HTTP/3 requests, there is no strict check that the request authority (host and port) matches what provided in the \u003ccode\u003eHost\u003c/code\u003e header (if present).\u003c/p\u003e\n\u003cp\u003eThis was not enforced in earlier HTTP RFC (for example, in RFC 2616), but it is in the latest RFC (9110 and 9112).\u003c/p\u003e\n\u003cp\u003eThis mismatch can cause a number of problems that may be classified as vulnerabilities such as:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n        \n      URI constructions (for example, for redirects -- this is typical for login pages)\u003c/li\u003e\n\u003cli\u003e\n        \n      Virtual host selection\u003c/li\u003e\n\u003cli\u003e\n        \n      Reverse proxying\u003c/li\u003e\n\u003cli\u003e\n        \n      Misleading logs\u003c/li\u003e\n\u003cli\u003e\n        \n      Etc.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eGiven that the latest RFCs require that request authority and \u003ccode\u003eHost\u003c/code\u003e header must match, Jetty should enforce this invariant.\u003c/p\u003e"
                }
              ],
              "value": "In Eclipse Jetty, for HTTP/1, HTTP/2 and HTTP/3 requests, there is no strict check that the request authority (host and port) matches what provided in the Host header (if present).\n\n\n\n\nThis was not enforced in earlier HTTP RFC (for example, in RFC 2616), but it is in the latest RFC (9110 and 9112).\n\n\n\n\nThis mismatch can cause a number of problems that may be classified as vulnerabilities such as:\n\n\n\n  *  \n        \n      URI constructions (for example, for redirects -- this is typical for login pages)\n\n  *  \n        \n      Virtual host selection\n\n  *  \n        \n      Reverse proxying\n\n  *  \n        \n      Misleading logs\n\n  *  \n        \n      Etc.\n\n\n\n\n\n\nGiven that the latest RFCs require that request authority and Host header must match, Jetty should enforce this invariant."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T08:51:30.527Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "url": "https://gitlab.eclipse.org/security/cve-assignment/-/work_items/99"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2026-6790",
        "datePublished": "2026-07-14T08:51:30.527Z",
        "dateReserved": "2026-04-21T13:47:52.520Z",
        "dateUpdated": "2026-07-14T12:20:35.130Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-10051 (GCVE-0-2026-10051)

    Vulnerability from cvelistv5 – Published: 2026-07-14 08:44 – Updated: 2026-07-14 12:57
    VLAI
    Summary
    In Eclipse Jetty, a first HTTP/1.1 request with trailers causes the server to retain the trailers in subsequent requests performed over the same connection. Subsequent request that do not have trailers report the trailers of the first request. Subsequent request that do have trailers report the union of trailers of the first request and the current request.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Foundation Eclipse Jetty Affected: 12.0.0 , ≤ 12.0.35 (semver)
    Affected: 12.1.0 , ≤ 12.1.9 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-10051",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-14T12:57:36.570816Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-14T12:57:50.096Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Eclipse Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "12.0.35",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.1.9",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "In Eclipse Jetty, a first HTTP/1.1 request with trailers causes the server to retain the trailers in subsequent requests performed over the same connection.\nSubsequent request that do not have trailers report the trailers of the first request.\nSubsequent request that do have trailers report the union of trailers of the first request and the current request."
                }
              ],
              "value": "In Eclipse Jetty, a first HTTP/1.1 request with trailers causes the server to retain the trailers in subsequent requests performed over the same connection.\nSubsequent request that do not have trailers report the trailers of the first request.\nSubsequent request that do have trailers report the union of trailers of the first request and the current request."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T08:44:38.233Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "url": "https://gitlab.eclipse.org/security/cve-assignment/-/work_items/119"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2026-10051",
        "datePublished": "2026-07-14T08:44:38.233Z",
        "dateReserved": "2026-05-29T07:28:48.617Z",
        "dateUpdated": "2026-07-14T12:57:50.096Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-2332 (GCVE-0-2026-2332)

    Vulnerability from cvelistv5 – Published: 2026-04-14 10:59 – Updated: 2026-07-15 01:18
    VLAI
    Title
    HTTP Request Smuggling via Chunked Extension Quoted-String Parsing
    Summary
    In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used, similar to the "funky chunks" techniques outlined here: * https://w4ke.info/2025/06/18/funky-chunks.html * https://w4ke.info/2025/10/29/funky-chunks-2.html Jetty terminates chunk extension parsing at \r\n inside quoted strings instead of treating this as an error. POST / HTTP/1.1 Host: localhost Transfer-Encoding: chunked 1;ext="val X 0 GET /smuggled HTTP/1.1 ... Note how the chunk extension does not close the double quotes, and it is able to inject a smuggled request.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-444 - Inconsistent interpretation of HTTP requests ('HTTP Request/Response smuggling')
    • CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Eclipse Foundation Eclipse Jetty Affected: 12.1.0 , ≤ 12.1.6 (semver)
    Affected: 12.0.0 , ≤ 12.0.32 (semver)
    Affected: 11.0.0 , ≤ 11.0.27 (semver)
    Affected: 10.0.0 , ≤ 10.0.27 (semver)
    Affected: 9.4.0 , ≤ 9.4.59 (semver)
    Create a notification for this product.
    Red Hat HawtIO HawtIO 4.4.0     cpe:/a:redhat:apache_camel_hawtio:4.4::el9
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7.13.5     cpe:/a:redhat:amq_broker:7.13
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14     cpe:/a:redhat:apache_camel_spring_boot:4.18
    Create a notification for this product.
    Red Hat Red Hat Build of Apache Camel 4.18 for Quarkus 3.33     cpe:/a:redhat:apache_camel_quarkus:3.33
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:8.2.0-19.el9_8.2 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::crb
    Create a notification for this product.
    Red Hat Red Hat Offline Knowledge Portal 1.2.7 Unaffected: 1779996999 , < * (rpm)
        cpe:/a:redhat:offline_knowledge_portal:1.2::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces 3.27 Unaffected: 1776716842 , < * (rpm)
        cpe:/a:redhat:openshift_devspaces:3.27::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces 3.27 Unaffected: 1776717247 , < * (rpm)
        cpe:/a:redhat:openshift_devspaces:3.27::el9
    Create a notification for this product.
    Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7     cpe:/a:redhat:amq_broker:7
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel 4 for Quarkus 3     cpe:/a:redhat:camel_quarkus:3
    Create a notification for this product.
    Red Hat Red Hat build of Apicurio Registry 2     cpe:/a:redhat:service_registry:2
    Create a notification for this product.
    Red Hat Red Hat build of Apicurio Registry 3     cpe:/a:redhat:apicurio_registry:3
    Create a notification for this product.
    Red Hat Red Hat build of Debezium 2     cpe:/a:redhat:debezium:2
    Create a notification for this product.
    Red Hat Red Hat build of Debezium 3     cpe:/a:redhat:debezium:3
    Create a notification for this product.
    Red Hat Red Hat Data Grid 8     cpe:/a:redhat:jboss_data_grid:8
    Create a notification for this product.
    Red Hat Red Hat Fuse 7     cpe:/a:redhat:jboss_fuse:7
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 7     cpe:/a:redhat:jboss_enterprise_application_platform:7
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8     cpe:/a:redhat:jboss_enterprise_application_platform:8
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform Expansion Pack     cpe:/a:redhat:jbosseapxp
    Create a notification for this product.
    Red Hat Red Hat JBoss Web Server 6     cpe:/a:redhat:jboss_enterprise_web_server:6
    Create a notification for this product.
    Red Hat Red Hat Process Automation 7     cpe:/a:redhat:jboss_enterprise_bpms_platform:7
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat Red Hat Single Sign-On 7     cpe:/a:redhat:red_hat_single_sign_on:7
    Create a notification for this product.
    Red Hat streams for Apache Kafka 2     cpe:/a:redhat:amq_streams:2
    Create a notification for this product.
    Red Hat streams for Apache Kafka 3     cpe:/a:redhat:amq_streams:3
    Create a notification for this product.
    Credits
    https://github.com/xclow3n
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-2332",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-14T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-15T03:58:12.322Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:apache_camel_hawtio:4.4::el9"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-http",
                "product": "HawtIO HawtIO 4.4.0",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7.13"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat AMQ Broker 7.13.5",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:apache_camel_spring_boot:4.18"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-http",
                "product": "Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:apache_camel_quarkus:3.33"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Build of Apache Camel 4.18 for Quarkus 3.33",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::crb"
                ],
                "defaultStatus": "affected",
                "packageName": "jmc",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0:8.2.0-19.el9_8.2",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://catalog.redhat.com/software/containers/",
                "cpes": [
                  "cpe:/a:redhat:offline_knowledge_portal:1.2::el9"
                ],
                "defaultStatus": "affected",
                "packageName": "offline-knowledge-portal/rhokp-rhel9",
                "product": "Red Hat Offline Knowledge Portal 1.2.7",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "1779996999",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://catalog.redhat.com/software/containers/",
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3.27::el9"
                ],
                "defaultStatus": "affected",
                "packageName": "devspaces/openvsx-rhel9",
                "product": "Red Hat OpenShift Dev Spaces 3.27",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "1776716842",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://catalog.redhat.com/software/containers/",
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3.27::el9"
                ],
                "defaultStatus": "affected",
                "packageName": "devspaces/pluginregistry-rhel9",
                "product": "Red Hat OpenShift Dev Spaces 3.27",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "1776717247",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "packageName": "jenkins",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "packageName": "ocp-tools-4/jenkins-rhel8",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "packageName": "ocp-tools-4/jenkins-rhel9",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7"
                ],
                "defaultStatus": "affected",
                "packageName": "jetty-http",
                "product": "Red Hat AMQ Broker 7",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:camel_quarkus:3"
                ],
                "defaultStatus": "affected",
                "packageName": "jetty-http",
                "product": "Red Hat build of Apache Camel 4 for Quarkus 3",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:service_registry:2"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-http",
                "product": "Red Hat build of Apicurio Registry 2",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:apicurio_registry:3"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-http",
                "product": "Red Hat build of Apicurio Registry 3",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:debezium:2"
                ],
                "defaultStatus": "unknown",
                "packageName": "jetty-http",
                "product": "Red Hat build of Debezium 2",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:debezium:3"
                ],
                "defaultStatus": "affected",
                "packageName": "jetty-http",
                "product": "Red Hat build of Debezium 3",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_data_grid:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-http",
                "product": "Red Hat Data Grid 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_fuse:7"
                ],
                "defaultStatus": "affected",
                "packageName": "jetty-http",
                "product": "Red Hat Fuse 7",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:7"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-http",
                "product": "Red Hat JBoss Enterprise Application Platform 7",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-http",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-http",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_web_server:6"
                ],
                "defaultStatus": "affected",
                "packageName": "jetty-http",
                "product": "Red Hat JBoss Web Server 6",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-http",
                "product": "Red Hat Process Automation 7",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "affected",
                "packageName": "openvox-server",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "affected",
                "packageName": "puppetserver",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "affected",
                "packageName": "satellite-capsule:el8/puppetserver",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:red_hat_single_sign_on:7"
                ],
                "defaultStatus": "affected",
                "packageName": "jetty-http",
                "product": "Red Hat Single Sign-On 7",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:amq_streams:2"
                ],
                "defaultStatus": "affected",
                "packageName": "jetty-http",
                "product": "streams for Apache Kafka 2",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "affected",
                "packageName": "jetty-http",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-14T10:59:10.193Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Eclipse Jetty. The HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used. An attacker can inject crafted requests to manipulate and trick the parser. This issue can lead to security controls bypass, cache poisoning or unauthorized endpoint access."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.4,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-444",
                    "description": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T01:18:45.256Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-2332"
              },
              {
                "name": "RHBZ#2458187",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458187"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2332.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:20568"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:25089"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14272"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22453"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:21773"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:10175"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:17668"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:20568: Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:25089: HawtIO HawtIO 4.4.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14272: Red Hat AMQ Broker 7.13.5"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22453: Red Hat Build of Apache Camel 4.18 for Quarkus 3.33"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:21773: Red Hat Offline Knowledge Portal 1.2.7"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:10175: Red Hat OpenShift Dev Spaces 3.27"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:17668: Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-04-14T12:01:05.768Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-14T10:59:10.193Z",
                "value": "Made public."
              }
            ],
            "title": "org.eclipse.jetty/jetty-http: HTTP request smuggling via chunked extension quoted-string parsing",
            "workarounds": [
              {
                "lang": "en",
                "value": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "pkg://maven/org.eclipse.jetty/jetty-http",
              "product": "Eclipse Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "12.1.6",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.0.32",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "11.0.27",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.0.27",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "9.4.59",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "https://github.com/xclow3n"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used, similar to the \"funky chunks\" techniques outlined here:\u003cbr\u003e\u003cul\u003e\u003cli\u003e\u003cspan\u003ehttps://w4ke.info/2025/06/18/funky-chunks.html\u003c/span\u003e\u003cbr\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003ehttps://w4ke.info/2025/10/29/funky-chunks-2.html\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003eJetty terminates chunk extension parsing at\u0026nbsp;\u003ccode\u003e\\r\\n\u003c/code\u003e\u0026nbsp;inside quoted strings instead of treating this as an error.\u003cbr\u003e\u003cbr\u003e\n\u003cpre\u003ePOST / HTTP/1.1\nHost: localhost\nTransfer-Encoding: chunked\n\n1;ext=\"val\nX\n0\n\nGET /smuggled HTTP/1.1\n...\n\u003c/pre\u003e\n\n\u003cdiv\u003e\u003cbr\u003eNote how the chunk extension does not close the double quotes, and it is able to inject a smuggled request.\u003cbr\u003e\u003c/div\u003e"
                }
              ],
              "value": "In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used, similar to the \"funky chunks\" techniques outlined here:\n  *  https://w4ke.info/2025/06/18/funky-chunks.html\n\n  *  https://w4ke.info/2025/10/29/funky-chunks-2.html\n\n\nJetty terminates chunk extension parsing at\u00a0\\r\\n\u00a0inside quoted strings instead of treating this as an error.\n\n\nPOST / HTTP/1.1\nHost: localhost\nTransfer-Encoding: chunked\n\n1;ext=\"val\nX\n0\n\nGET /smuggled HTTP/1.1\n...\n\n\n\n\n\nNote how the chunk extension does not close the double quotes, and it is able to inject a smuggled request."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-444",
                  "description": "CWE-444 Inconsistent interpretation of HTTP requests (\u0027HTTP Request/Response smuggling\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-14T10:59:10.193Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-355h-qmc2-wpwf"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://gitlab.eclipse.org/security/cve-assignment/-/issues/89"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "HTTP Request Smuggling via Chunked Extension Quoted-String Parsing",
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2026-2332",
        "datePublished": "2026-04-14T10:59:10.193Z",
        "dateReserved": "2026-02-11T09:56:25.879Z",
        "dateUpdated": "2026-07-15T01:18:45.256Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5795 (GCVE-0-2026-5795)

    Vulnerability from cvelistv5 – Published: 2026-04-08 13:32 – Updated: 2026-07-15 00:42
    VLAI
    Summary
    In Eclipse Jetty, the class JASPIAuthenticator initiates the authentication checks, which set two ThreadLocal variable. Upon returning from the initial checks, there are conditions that cause an early return from the JASPIAuthenticator code without clearing those ThreadLocals. A subsequent request using the same thread inherits the ThreadLocal values, leading to a broken access control and privilege escalation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-226 - Sensitive information in resource not removed before reuse
    • CWE-287 - Improper Authentication
    • CWE-226 - Sensitive Information in Resource Not Removed Before Reuse
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Foundation Eclipse Jetty Affected: 12.1.0 , ≤ 12.1.7 (semver)
    Affected: 12.0.0 , ≤ 12.0.33 (semver)
    Affected: 11.0.0 , ≤ 11.0.28 (semver)
    Affected: 10.0.0 , ≤ 10.0.28 (semver)
    Affected: 9.4.0 , ≤ 9.4.60 (semver)
    Create a notification for this product.
    Red Hat HawtIO HawtIO 4.4.0 Unaffected: ee10-servlet , < * (rpm)
    Unaffected: ee10-webapp , < * (rpm)
        cpe:/a:redhat:apache_camel_hawtio:4.4::el9
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14 Unaffected: ee10-annotations , < * (rpm)
    Unaffected: ee10-plus , < * (rpm)
    Unaffected: ee10-servlet , < * (rpm)
    Unaffected: ee10-servlets , < * (rpm)
    Unaffected: ee10-webapp , < * (rpm)
        cpe:/a:redhat:apache_camel_spring_boot:4.18
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14 Unaffected: apache-jsp , < * (rpm)
        cpe:/a:redhat:apache_camel_spring_boot:4.18
    Create a notification for this product.
    Red Hat Red Hat Offline Knowledge Portal 1.2.7 Unaffected: 1782239370 , < * (rpm)
        cpe:/a:redhat:offline_knowledge_portal:1.2::el9
    Create a notification for this product.
    Red Hat Red Hat Data Grid 8     cpe:/a:redhat:jboss_data_grid:8
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8     cpe:/a:redhat:jboss_enterprise_application_platform:8
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform Expansion Pack     cpe:/a:redhat:jbosseapxp
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces     cpe:/a:redhat:openshift_devspaces:3
    Create a notification for this product.
    Red Hat streams for Apache Kafka 3     cpe:/a:redhat:amq_streams:3
    Create a notification for this product.
    Credits
    https://github.com/HRsGIT
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5795",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-08T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-09T03:56:11.784Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:apache_camel_hawtio:4.4::el9"
                ],
                "defaultStatus": "affected",
                "packageName": "jetty",
                "product": "HawtIO HawtIO 4.4.0",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "ee10-servlet",
                    "versionType": "rpm"
                  },
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "ee10-webapp",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:apache_camel_spring_boot:4.18"
                ],
                "defaultStatus": "affected",
                "packageName": "jetty",
                "product": "Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "ee10-annotations",
                    "versionType": "rpm"
                  },
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "ee10-plus",
                    "versionType": "rpm"
                  },
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "ee10-servlet",
                    "versionType": "rpm"
                  },
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "ee10-servlets",
                    "versionType": "rpm"
                  },
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "ee10-webapp",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:apache_camel_spring_boot:4.18"
                ],
                "defaultStatus": "affected",
                "packageName": "jetty-ee10",
                "product": "Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "apache-jsp",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://catalog.redhat.com/software/containers/",
                "cpes": [
                  "cpe:/a:redhat:offline_knowledge_portal:1.2::el9"
                ],
                "defaultStatus": "affected",
                "packageName": "offline-knowledge-portal/rhokp-rhel9",
                "product": "Red Hat Offline Knowledge Portal 1.2.7",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "1782239370",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_data_grid:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-servlet",
                "product": "Red Hat Data Grid 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-annotations",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-apache-jsp",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-cdi",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-fcgi-proxy",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-glassfish-jstl",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-home",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-jaspi",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-jndi",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-jspc-maven-plugin",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-maven-plugin",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-plus",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-proxy",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-quickstart",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-servlet",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-servlets",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-webapp",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-annotations",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-apache-jsp",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-cdi",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-fcgi-proxy",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-glassfish-jstl",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-home",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-jaspi",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-jndi",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-jspc-maven-plugin",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-maven-plugin",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-plus",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-proxy",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-quickstart",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-servlet",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-servlets",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-webapp",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3"
                ],
                "defaultStatus": "unaffected",
                "packageName": "devspaces/openvsx-rhel9",
                "product": "Red Hat OpenShift Dev Spaces",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3"
                ],
                "defaultStatus": "unaffected",
                "packageName": "devspaces/pluginregistry-rhel9",
                "product": "Red Hat OpenShift Dev Spaces",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "affected",
                "packageName": "jetty-ee10-servlet",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-ee10-servlets",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-08T13:32:28.935Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Eclipse Jetty. The `JASPIAuthenticator` class is responsible for handling authentication checks. During these checks, the class sets two ThreadLocal variables to store authentication state. Under certain conditions, the authentication process can return early without properly clearing the ThreadLocal variables, allowing a subsequent request to inherit the un-cleared ThreadLocal values. This issue can cause broken access control, authentication bypass, privilege escalation and data breaches."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.4,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-226",
                    "description": "Sensitive Information in Resource Not Removed Before Reuse",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T00:42:04.200Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-5795"
              },
              {
                "name": "RHBZ#2456519",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456519"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5795.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:25089"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:28573"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:17668"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:25089: HawtIO HawtIO 4.4.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:28573: Red Hat Offline Knowledge Portal 1.2.7"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:17668: Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-04-08T14:01:02.911Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-08T13:32:28.935Z",
                "value": "Made public."
              }
            ],
            "title": "org.eclipse.jetty.ee10/jetty-ee10: early return from the JASPIAuthenticator class without clearing ThreadLocal variables",
            "workarounds": [
              {
                "lang": "en",
                "value": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Eclipse Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "12.1.7",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.0.33",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "11.0.28",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.0.28",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "9.4.60",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "https://github.com/HRsGIT"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIn Eclipse Jetty, the class \u003ccode\u003eJASPIAuthenticator\u003c/code\u003e initiates the authentication checks, which set two \u003ccode\u003eThreadLocal\u003c/code\u003e variable.\u003c/p\u003e\n\u003cp\u003eUpon returning from the initial checks, there are conditions that cause an early return from the \u003ccode\u003eJASPIAuthenticator\u003c/code\u003e code without clearing those \u003ccode\u003eThreadLocal\u003c/code\u003es.\u003c/p\u003e\n\u003cp\u003eA subsequent request using the same thread inherits the \u003ccode\u003eThreadLocal\u003c/code\u003e values, leading to a broken access control and privilege escalation.\u003c/p\u003e\n\n\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "In Eclipse Jetty, the class JASPIAuthenticator initiates the authentication checks, which set two ThreadLocal variable.\n\n\nUpon returning from the initial checks, there are conditions that cause an early return from the JASPIAuthenticator code without clearing those ThreadLocals.\n\n\nA subsequent request using the same thread inherits the ThreadLocal values, leading to a broken access control and privilege escalation."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-226",
                  "description": "CWE-226 Sensitive information in resource not removed before reuse",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "CWE-287 Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T13:32:28.935Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-r7p8-xq5m-436chttps://"
            },
            {
              "url": "https://gitlab.eclipse.org/security/cve-assignment/-/issues/92"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2026-5795",
        "datePublished": "2026-04-08T13:32:28.935Z",
        "dateReserved": "2026-04-08T13:21:06.990Z",
        "dateUpdated": "2026-07-15T00:42:04.200Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-1605 (GCVE-0-2026-1605)

    Vulnerability from cvelistv5 – Published: 2026-03-05 09:39 – Updated: 2026-07-15 01:21
    VLAI
    Summary
    In Eclipse Jetty, versions 12.0.0-12.0.31 and 12.1.0-12.0.5, class GzipHandler exposes a vulnerability when a compressed HTTP request, with Content-Encoding: gzip, is processed and the corresponding response is not compressed. This happens because the JDK Inflater is allocated for decompressing the request, but it is not released because the release mechanism is tied to the compressed response. In this case, since the response is not compressed, the release mechanism does not trigger, causing the leak.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    • CWE-401 - Missing Release of Memory after Effective Lifetime
    • CWE-772 - Missing Release of Resource after Effective Lifetime
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Foundation Eclipse Jetty Affected: 12.0.0 , ≤ 12.0.31 (semver)
    Affected: 12.1.0. , ≤ 12.1.5 (semver)
    Create a notification for this product.
    Red Hat HawtIO HawtIO 4.4.0     cpe:/a:redhat:apache_camel_hawtio:4.4::el9
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7.14.0     cpe:/a:redhat:amq_broker:7.14
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8 Unaffected: 0:2.40.0-7.redhat_00015.1.el8eap , < * (rpm)
        cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8 Unaffected: 0:801.6.1-1.GA_redhat_00001.1.el8eap , < * (rpm)
        cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8 Unaffected: 0:2.3.24-3.SP2_redhat_00001.1.el8eap , < * (rpm)
        cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8 Unaffected: 0:8.1.6-7.GA_redhat_00010.1.el8eap , < * (rpm)
        cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9 Unaffected: 0:2.40.0-7.redhat_00015.1.el9eap , < * (rpm)
        cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9 Unaffected: 0:801.6.1-1.GA_redhat_00001.1.el9eap , < * (rpm)
        cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9 Unaffected: 0:2.3.24-3.SP2_redhat_00001.1.el9eap , < * (rpm)
        cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9 Unaffected: 0:8.1.6-7.GA_redhat_00010.1.el9eap , < * (rpm)
        cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces 3.28 Unaffected: 1779528224 , < * (rpm)
        cpe:/a:redhat:openshift_devspaces:3.28::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces 3.28 Unaffected: 1779359423 , < * (rpm)
        cpe:/a:redhat:openshift_devspaces:3.28::el9
    Create a notification for this product.
    Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel for Spring Boot 4     cpe:/a:redhat:camel_spring_boot:4
    Create a notification for this product.
    Red Hat Red Hat build of Apicurio Registry 2     cpe:/a:redhat:service_registry:2
    Create a notification for this product.
    Red Hat Red Hat build of Apicurio Registry 3     cpe:/a:redhat:apicurio_registry:3
    Create a notification for this product.
    Red Hat Red Hat build of Debezium 2     cpe:/a:redhat:debezium:2
    Create a notification for this product.
    Red Hat Red Hat build of Debezium 3     cpe:/a:redhat:debezium:3
    Create a notification for this product.
    Red Hat Red Hat Data Grid 8     cpe:/a:redhat:jboss_data_grid:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat Fuse 7     cpe:/a:redhat:jboss_fuse:7
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 7     cpe:/a:redhat:jboss_enterprise_application_platform:7
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform Expansion Pack     cpe:/a:redhat:jbosseapxp
    Create a notification for this product.
    Red Hat Red Hat JBoss Web Server 6     cpe:/a:redhat:jboss_enterprise_web_server:6
    Create a notification for this product.
    Red Hat Red Hat Offline Knowledge Portal     cpe:/a:redhat:offline_knowledge_portal:1
    Create a notification for this product.
    Red Hat Red Hat Process Automation 7     cpe:/a:redhat:jboss_enterprise_bpms_platform:7
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat Red Hat Single Sign-On 7     cpe:/a:redhat:red_hat_single_sign_on:7
    Create a notification for this product.
    Red Hat streams for Apache Kafka 2     cpe:/a:redhat:amq_streams:2
    Create a notification for this product.
    Red Hat streams for Apache Kafka 3     cpe:/a:redhat:amq_streams:3
    Create a notification for this product.
    Credits
    Gleb Sizov (@glebashnik) Bjørn Christian Seime (@bjorncs)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-1605",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-05T14:46:07.126962Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-05T14:46:16.289Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:apache_camel_hawtio:4.4::el9"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "HawtIO HawtIO 4.4.0",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7.14"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat AMQ Broker 7.14.0",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"
                ],
                "defaultStatus": "affected",
                "packageName": "eap8-activemq-artemis",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0:2.40.0-7.redhat_00015.1.el8eap",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"
                ],
                "defaultStatus": "affected",
                "packageName": "eap8-eap-product-conf-parent",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0:801.6.1-1.GA_redhat_00001.1.el8eap",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"
                ],
                "defaultStatus": "affected",
                "packageName": "eap8-undertow",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0:2.3.24-3.SP2_redhat_00001.1.el8eap",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"
                ],
                "defaultStatus": "affected",
                "packageName": "eap8-wildfly",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0:8.1.6-7.GA_redhat_00010.1.el8eap",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "packageName": "eap8-activemq-artemis",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0:2.40.0-7.redhat_00015.1.el9eap",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "packageName": "eap8-eap-product-conf-parent",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0:801.6.1-1.GA_redhat_00001.1.el9eap",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "packageName": "eap8-undertow",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0:2.3.24-3.SP2_redhat_00001.1.el9eap",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "packageName": "eap8-wildfly",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0:8.1.6-7.GA_redhat_00010.1.el9eap",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://catalog.redhat.com/software/containers/",
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3.28::el9"
                ],
                "defaultStatus": "affected",
                "packageName": "devspaces/openvsx-rhel9",
                "product": "Red Hat OpenShift Dev Spaces 3.28",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "1779528224",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://catalog.redhat.com/software/containers/",
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3.28::el9"
                ],
                "defaultStatus": "affected",
                "packageName": "devspaces/pluginregistry-rhel9",
                "product": "Red Hat OpenShift Dev Spaces 3.28",
                "vendor": "Red Hat",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "1779359423",
                    "versionType": "rpm"
                  }
                ]
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "packageName": "jenkins",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "packageName": "ocp-tools-4/jenkins-rhel8",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "packageName": "ocp-tools-4/jenkins-rhel9",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:camel_spring_boot:4"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat build of Apache Camel for Spring Boot 4",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:service_registry:2"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat build of Apicurio Registry 2",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:apicurio_registry:3"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat build of Apicurio Registry 3",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:debezium:2"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat build of Debezium 2",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:debezium:3"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat build of Debezium 3",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_data_grid:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat Data Grid 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unaffected",
                "packageName": "maven-wagon",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "pki-core:10.6/resteasy",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "packageName": "pki-deps:10.6/resteasy",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jmc",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "packageName": "resteasy",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_fuse:7"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat Fuse 7",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:7"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat JBoss Enterprise Application Platform 7",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_web_server:6"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat JBoss Web Server 6",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:offline_knowledge_portal:1"
                ],
                "defaultStatus": "unaffected",
                "packageName": "offline-knowledge-portal/rhokp-rhel9",
                "product": "Red Hat Offline Knowledge Portal",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat Process Automation 7",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "unaffected",
                "packageName": "puppetserver",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "unaffected",
                "packageName": "satellite-capsule:el8/puppetserver",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:red_hat_single_sign_on:7"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "Red Hat Single Sign-On 7",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:amq_streams:2"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "streams for Apache Kafka 2",
                "vendor": "Red Hat"
              },
              {
                "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "unaffected",
                "packageName": "jetty-server",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-03-05T09:39:01.315Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in org.eclipse.jetty. A remote attacker can exploit this vulnerability by sending a compressed HTTP request with Content-Encoding: gzip when the server\u0027s response is not compressed. This prevents the release of the JDK Inflater, leading to a resource leak. This resource exhaustion can result in a Denial of Service (DoS), making the server unavailable to legitimate users."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-772",
                    "description": "Missing Release of Resource after Effective Lifetime",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T01:21:22.651Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-1605"
              },
              {
                "name": "RHBZ#2444815",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444815"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1605.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:25125"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:25089"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:8509"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:25126"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:21772"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:25125: Red Hat JBoss EAP 8.1 for RHEL 8, Red Hat JBoss EAP 8.1 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:25089: HawtIO HawtIO 4.4.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:8509: Red Hat AMQ Broker 7.14.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:25126: Red Hat JBoss Enterprise Application Platform 8.1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:21772: Red Hat OpenShift Dev Spaces 3.28"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-03-05T11:00:57.250Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-03-05T09:39:01.315Z",
                "value": "Made public."
              }
            ],
            "title": "org.eclipse.jetty/jetty-server: Eclipse Jetty: Denial of Service due to unreleased JDK Inflater from compressed HTTP requests",
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Eclipse Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "12.0.31",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.1.5",
                  "status": "affected",
                  "version": "12.1.0.",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Gleb Sizov (@glebashnik)"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Bj\u00f8rn Christian Seime (@bjorncs)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIn Eclipse Jetty, versions 12.0.0-12.0.31 and 12.1.0-12.0.5, class \u003ccode\u003eGzipHandler\u003c/code\u003e exposes a vulnerability when a compressed HTTP request, with \u003ccode\u003eContent-Encoding: gzip\u003c/code\u003e, is processed and the corresponding response is not compressed.\u003c/p\u003e\n\u003cp\u003eThis happens because the JDK \u003ccode\u003eInflater\u003c/code\u003e is allocated for decompressing the request, but it is not released because the release mechanism is tied to the compressed response.\nIn this case, since the response is not compressed, the release mechanism does not trigger, causing the leak.\u003c/p\u003e"
                }
              ],
              "value": "In Eclipse Jetty, versions 12.0.0-12.0.31 and 12.1.0-12.0.5, class GzipHandler exposes a vulnerability when a compressed HTTP request, with Content-Encoding: gzip, is processed and the corresponding response is not compressed.\n\n\nThis happens because the JDK Inflater is allocated for decompressing the request, but it is not released because the release mechanism is tied to the compressed response.\nIn this case, since the response is not compressed, the release mechanism does not trigger, causing the leak."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-401",
                  "description": "CWE-401 Missing Release of Memory after Effective Lifetime",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-05T09:39:01.315Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-xxh7-fcf3-rj7f"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2026-1605",
        "datePublished": "2026-03-05T09:39:01.315Z",
        "dateReserved": "2026-01-29T10:58:31.963Z",
        "dateUpdated": "2026-07-15T01:21:22.651Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-11143 (GCVE-0-2025-11143)

    Vulnerability from cvelistv5 – Published: 2026-03-05 09:26 – Updated: 2026-03-05 14:48
    VLAI
    Summary
    The Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs. Differential parsing of URIs in systems using multiple components may result in security by-pass. For example a component that enforces a black list may interpret the URIs differently from one that generates a response. At the very least, differential parsing may divulge implementation details.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Foundation Eclipse Jetty Affected: 9.4.0 , ≤ 9.4.58 (semver)
    Affected: 10.0.0 , ≤ 10.0.26 (semver)
    Affected: 11.0.0 , ≤ 11.0.26 (semver)
    Affected: 12.0.0 , ≤ 12.0.30 (semver)
    Affected: 12.1.0 , ≤ 12.1.4 (semver)
    Create a notification for this product.
    Credits
    zer0yu
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-11143",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-05T14:48:27.345884Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-05T14:48:41.622Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Eclipse Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "9.4.58",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.0.26",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "11.0.26",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.0.30",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.1.4",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "zer0yu"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDifferential parsing of URIs in systems using multiple components may result in security by-pass. For example a component that enforces a black list may interpret the URIs differently from one that generates a response.\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAt the very least, differential parsing may divulge implementation details.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "The Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs.\u00a0Differential parsing of URIs in systems using multiple components may result in security by-pass. For example a component that enforces a black list may interpret the URIs differently from one that generates a response.\u00a0At the very least, differential parsing may divulge implementation details."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-05T09:26:59.830Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-wjpw-4j6x-6rwh"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2025-11143",
        "datePublished": "2026-03-05T09:26:59.830Z",
        "dateReserved": "2025-09-29T05:08:52.530Z",
        "dateUpdated": "2026-03-05T14:48:41.622Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-5115 (GCVE-0-2025-5115)

    Vulnerability from cvelistv5 – Published: 2025-08-20 19:07 – Updated: 2025-11-04 21:11
    VLAI
    Title
    MadeYouReset HTTP/2 vulnerability
    Summary
    In Eclipse Jetty, versions <=9.4.57, <=10.0.25, <=11.0.25, <=12.0.21, <=12.1.0.alpha2, an HTTP/2 client may trigger the server to send RST_STREAM frames, for example by sending frames that are malformed or that should not be sent in a particular stream state, therefore forcing the server to consume resources such as CPU and memory. For example, a client can open a stream and then send WINDOW_UPDATE frames with window size increment of 0, which is illegal. Per specification https://www.rfc-editor.org/rfc/rfc9113.html#name-window_update , the server should send a RST_STREAM frame. The client can now open another stream and send another bad WINDOW_UPDATE, therefore causing the server to consume more resources than necessary, as this case does not exceed the max number of concurrent streams, yet the client is able to create an enormous amount of streams in a short period of time. The attack can be performed with other conditions (for example, a DATA frame for a closed stream) that cause the server to send a RST_STREAM frame. Links: * https://github.com/jetty/jetty.project/security/advisories/GHSA-mmxm-8w33-wc4h
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Jetty Eclipse Jetty Affected: >=9.3.0 , ≤ <=9.4.57 (semver)
    Affected: >=10.0.0 , ≤ <=10.0.25 (semver)
    Affected: >=11.0.0 , ≤ <=11.0.25 (semver)
    Affected: >=12.0.0 , ≤ <=12.0.21 (semver)
    Affected: >=12.1.0.alpha0 , ≤ <=12.1.0.alpha2 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-5115",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-20T19:28:04.700843Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-20T19:28:12.942Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T21:11:37.182Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00014.html"
              },
              {
                "url": "https://www.kb.cert.org/vuls/id/767506"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2025/09/17/1"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2025/08/20/4"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2",
              "defaultStatus": "unaffected",
              "packageName": "pkg:maven/org.eclipse.jetty.http2/http2-common",
              "product": "Eclipse Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Jetty",
              "versions": [
                {
                  "lessThanOrEqual": "\u003c=9.4.57",
                  "status": "affected",
                  "version": "\u003e=9.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "\u003c=10.0.25",
                  "status": "affected",
                  "version": "\u003e=10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "\u003c=11.0.25",
                  "status": "affected",
                  "version": "\u003e=11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "\u003c=12.0.21",
                  "status": "affected",
                  "version": "\u003e=12.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "\u003c=12.1.0.alpha2",
                  "status": "affected",
                  "version": "\u003e=12.1.0.alpha0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003eIn Eclipse Jetty, versions \u0026lt;=9.4.57, \u0026lt;=10.0.25, \u0026lt;=11.0.25, \u0026lt;=12.0.21, \u0026lt;=12.1.0.alpha2, an HTTP/2 client may trigger the server to send RST_STREAM frames, for example by sending frames that are malformed or that should not be sent in a particular stream state, therefore forcing the server to consume resources such as CPU and memory.\u003c/p\u003e\n\u003cp\u003eFor example, a client can open a stream and then send WINDOW_UPDATE frames with window size increment of 0, which is illegal.\nPer specification\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.rfc-editor.org/rfc/rfc9113.html#name-window_update\"\u003e\u003c/a\u003e, the server should send a RST_STREAM frame.\nThe client can now open another stream and send another bad WINDOW_UPDATE, therefore causing the server to consume more resources than necessary, as this case does not exceed the max number of concurrent streams, yet the client is able to create an enormous amount of streams in a short period of time.\u003c/p\u003e\n\u003cp\u003eThe attack can be performed with other conditions (for example, a DATA frame for a closed stream) that cause the server to send a RST_STREAM frame.\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eLinks:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/jetty/jetty.project/security/advisories/GHSA-mmxm-8w33-wc4h\"\u003ehttps://github.com/jetty/jetty.project/security/advisories/GHSA-mmxm-8w33-wc4h\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "In Eclipse Jetty, versions \u003c=9.4.57, \u003c=10.0.25, \u003c=11.0.25, \u003c=12.0.21, \u003c=12.1.0.alpha2, an HTTP/2 client may trigger the server to send RST_STREAM frames, for example by sending frames that are malformed or that should not be sent in a particular stream state, therefore forcing the server to consume resources such as CPU and memory.\n\n\nFor example, a client can open a stream and then send WINDOW_UPDATE frames with window size increment of 0, which is illegal.\nPer specification  https://www.rfc-editor.org/rfc/rfc9113.html#name-window_update , the server should send a RST_STREAM frame.\nThe client can now open another stream and send another bad WINDOW_UPDATE, therefore causing the server to consume more resources than necessary, as this case does not exceed the max number of concurrent streams, yet the client is able to create an enormous amount of streams in a short period of time.\n\n\nThe attack can be performed with other conditions (for example, a DATA frame for a closed stream) that cause the server to send a RST_STREAM frame.\n\n\n\nLinks:\n\n\n\n  *   https://github.com/jetty/jetty.project/security/advisories/GHSA-mmxm-8w33-wc4h"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 7.7,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-21T10:36:49.477Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-mmxm-8w33-wc4h"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/jetty/jetty.project/pull/13449"
            },
            {
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/jetty/jetty.project/releases/tag/jetty-12.1.0"
            },
            {
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/jetty/jetty.project/releases/tag/jetty-12.0.25"
            },
            {
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/jetty/jetty.project/releases/tag/jetty-11.0.26"
            },
            {
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/jetty/jetty.project/releases/tag/jetty-10.0.26"
            },
            {
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/jetty/jetty.project/releases/tag/jetty-9.4.58.v20250814"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "MadeYouReset HTTP/2 vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2025-5115",
        "datePublished": "2025-08-20T19:07:11.546Z",
        "dateReserved": "2025-05-23T08:55:59.861Z",
        "dateUpdated": "2025-11-04T21:11:37.182Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-1948 (GCVE-0-2025-1948)

    Vulnerability from cvelistv5 – Published: 2025-05-08 17:48 – Updated: 2025-05-08 18:31
    VLAI
    Title
    Eclipse Jetty HTTP clients can increase memory allocation
    Summary
    In Eclipse Jetty versions 12.0.0 to 12.0.16 included, an HTTP/2 client can specify a very large value for the HTTP/2 settings parameter SETTINGS_MAX_HEADER_LIST_SIZE. The Jetty HTTP/2 server does not perform validation on this setting, and tries to allocate a ByteBuffer of the specified capacity to encode HTTP responses, likely resulting in OutOfMemoryError being thrown, or even the JVM process exiting.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Foundation Jetty Affected: 12.0.0 , ≤ 12.0.16 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-1948",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T18:31:29.735282Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-08T18:31:44.196Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Jetty",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "12.0.16",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "In Eclipse Jetty versions 12.0.0 to 12.0.16 included, an HTTP/2 client can specify a very large value for the HTTP/2 settings parameter SETTINGS_MAX_HEADER_LIST_SIZE.\nThe Jetty HTTP/2 server does not perform validation on this setting, and tries to allocate a ByteBuffer of the specified capacity to encode HTTP responses, likely resulting in OutOfMemoryError being thrown, or even the JVM process exiting."
                }
              ],
              "value": "In Eclipse Jetty versions 12.0.0 to 12.0.16 included, an HTTP/2 client can specify a very large value for the HTTP/2 settings parameter SETTINGS_MAX_HEADER_LIST_SIZE.\nThe Jetty HTTP/2 server does not perform validation on this setting, and tries to allocate a ByteBuffer of the specified capacity to encode HTTP responses, likely resulting in OutOfMemoryError being thrown, or even the JVM process exiting."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-08T17:48:40.831Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/56"
            },
            {
              "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-889j-63jv-qhr8"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Eclipse Jetty HTTP clients can increase memory allocation",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2025-1948",
        "datePublished": "2025-05-08T17:48:40.831Z",
        "dateReserved": "2025-03-04T13:55:56.722Z",
        "dateUpdated": "2025-05-08T18:31:44.196Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-13009 (GCVE-0-2024-13009)

    Vulnerability from cvelistv5 – Published: 2025-05-08 17:29 – Updated: 2025-05-08 18:56 Unsupported When Assigned
    VLAI
    Title
    Eclipse Jetty GZIP buffer release
    Summary
    In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request body. This can result in corrupted and/or inadvertent sharing of data between requests.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-404 - Improper Resource Shutdown or Release
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Foundation Jetty Affected: 9.4.0 , ≤ 9.4.56 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-13009",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T18:55:32.278977Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-08T18:56:39.446Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Jetty",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "9.4.56",
                  "status": "affected",
                  "version": "9.4.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request\nbody. This can result in corrupted and/or inadvertent sharing of data between requests."
                }
              ],
              "value": "In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request\nbody. This can result in corrupted and/or inadvertent sharing of data between requests."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "CWE-404 Improper Resource Shutdown or Release",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-08T17:29:31.380Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/48"
            },
            {
              "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-q4rv-gq96-w7c5"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "tags": [
            "unsupported-when-assigned"
          ],
          "title": "Eclipse Jetty GZIP buffer release",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2024-13009",
        "datePublished": "2025-05-08T17:29:31.380Z",
        "dateReserved": "2024-12-28T09:11:12.587Z",
        "dateUpdated": "2025-05-08T18:56:39.446Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-8184 (GCVE-0-2024-8184)

    Vulnerability from cvelistv5 – Published: 2024-10-14 15:09 – Updated: 2025-11-03 19:34
    VLAI
    Title
    Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks
    Summary
    There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Foundation Jetty Affected: 9.3.12 , ≤ 9.4.55 (semver)
    Affected: 10.0.0 , ≤ 10.0.23 (semver)
    Affected: 11.0.0 , ≤ 11.0.23 (semver)
    Affected: 12.0.0 , ≤ 12.0.8 (semver)
    Create a notification for this product.
    Date Public
    2024-10-14 03:00
    Credits
    https://github.com/HRsGIT
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-8184",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-15T17:41:50.744158Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-15T17:42:01.168Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T19:34:56.811Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00001.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2/",
              "defaultStatus": "unaffected",
              "modules": [
                "jetty-server"
              ],
              "packageName": "org.eclipse.jetty:jetty-server",
              "product": "Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "9.4.55",
                  "status": "affected",
                  "version": "9.3.12",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.0.23",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "11.0.23",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.0.8",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "https://github.com/HRsGIT"
            }
          ],
          "datePublic": "2024-10-14T03:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "There exists a security vulnerability in Jetty\u0027s \u003ccode\u003eThreadLimitHandler.getRemote()\u003c/code\u003e which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack.  By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory.\u003cbr\u003e"
                }
              ],
              "value": "There exists a security vulnerability in Jetty\u0027s ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack.  By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-14T15:30:02.698Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq"
            },
            {
              "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30"
            },
            {
              "url": "https://github.com/jetty/jetty.project/pull/11723"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Do not use \u003ccode\u003eThreadLimitHandler\u003c/code\u003e.\u003cbr\u003e\nConsider use of \u003ccode\u003eQoSHandler\u003c/code\u003e instead to artificially limit resource utilization.\u003cbr\u003e"
                }
              ],
              "value": "Do not use ThreadLimitHandler.\n\nConsider use of QoSHandler instead to artificially limit resource utilization."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2024-8184",
        "datePublished": "2024-10-14T15:09:37.861Z",
        "dateReserved": "2024-08-26T15:58:44.006Z",
        "dateUpdated": "2025-11-03T19:34:56.811Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-6762 (GCVE-0-2024-6762)

    Vulnerability from cvelistv5 – Published: 2024-10-14 15:07 – Updated: 2025-11-03 19:34
    VLAI
    Title
    Jetty PushSessionCacheFilter can cause remote DoS attacks
    Summary
    Jetty PushSessionCacheFilter can be exploited by unauthenticated users to launch remote DoS attacks by exhausting the server’s memory.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Foundation Jetty Affected: 10.0.0 , ≤ 10.0.17 (semver)
    Affected: 11.0.0 , ≤ 11.0.17 (semver)
    Affected: 12.0.0 , ≤ 12.0.3 (semver)
    Create a notification for this product.
    Date Public
    2024-10-14 15:00
    Credits
    Lian Kee
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-6762",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-15T17:42:42.629742Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-15T17:42:50.434Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T19:34:37.967Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00001.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2/",
              "defaultStatus": "unaffected",
              "modules": [
                "jetty-servlets"
              ],
              "packageName": "org.eclipse.jetty:jetty-servlets",
              "product": "Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "10.0.17",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "11.0.17",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.0.3",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Lian Kee"
            }
          ],
          "datePublic": "2024-10-14T15:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003eJetty PushSessionCacheFilter can be exploited by unauthenticated users \nto launch remote DoS attacks by exhausting the server\u2019s memory.\u003c/div\u003e\u003cbr\u003e"
                }
              ],
              "value": "Jetty PushSessionCacheFilter can be exploited by unauthenticated users \nto launch remote DoS attacks by exhausting the server\u2019s memory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 3.1,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-14T15:07:10.942Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-r7m4-f9h5-gr79"
            },
            {
              "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/24"
            },
            {
              "url": "https://github.com/jetty/jetty.project/pull/9715"
            },
            {
              "url": "https://github.com/jetty/jetty.project/pull/9716"
            },
            {
              "url": "https://github.com/jetty/jetty.project/pull/10756"
            },
            {
              "url": "https://github.com/jetty/jetty.project/pull/10755"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Jetty  PushSessionCacheFilter can cause remote DoS attacks",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThe session usage is intrinsic to the design of the PushCacheFilter.  The issue can be avoided by:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003enot using the PushCacheFilter.  Push has been deprecated by the \nvarious IETF specs and early hints responses should be used instead.\u003c/li\u003e\n\u003cli\u003ereducing the reducing the idle timeout on unauthenticated sessions will reduce the time such session stay in memory.\u003c/li\u003e\n\u003cli\u003econfiguring a session cache to use \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://jetty.org/docs/jetty/12/programming-guide/server/session.html\"\u003esession passivation\u003c/a\u003e,\n so that sessions are not stored in memory, but rather in a database or \nfile system that may have significantly more capacity than memory.\u003c/li\u003e\n\u003c/ul\u003e"
                }
              ],
              "value": "The session usage is intrinsic to the design of the PushCacheFilter.  The issue can be avoided by:\n\n\n\n  *  not using the PushCacheFilter.  Push has been deprecated by the \nvarious IETF specs and early hints responses should be used instead.\n\n  *  reducing the reducing the idle timeout on unauthenticated sessions will reduce the time such session stay in memory.\n\n  *  configuring a session cache to use  session passivation https://jetty.org/docs/jetty/12/programming-guide/server/session.html ,\n so that sessions are not stored in memory, but rather in a database or \nfile system that may have significantly more capacity than memory."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2024-6762",
        "datePublished": "2024-10-14T15:07:10.942Z",
        "dateReserved": "2024-07-15T17:35:50.791Z",
        "dateUpdated": "2025-11-03T19:34:37.967Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-6763 (GCVE-0-2024-6763)

    Vulnerability from cvelistv5 – Published: 2024-10-14 15:06 – Updated: 2025-03-07 00:10
    VLAI
    Title
    Jetty URI parsing of invalid authority
    Summary
    Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing. The HttpURI class does insufficient validation on the authority segment of a URI. However the behaviour of HttpURI differs from the common browsers in how it handles a URI that would be considered invalid if fully validated against the RRC. Specifically HttpURI and the browser may differ on the value of the host extracted from an invalid URI and thus a combination of Jetty and a vulnerable browser may be vulnerable to a open redirect attack or to a SSRF attack if the URI is used after passing validation checks.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Foundation Jetty Affected: 7.0.0 , ≤ 12.0.11 (semver)
    Create a notification for this product.
    eclipse jetty Affected: 7.0.0 , ≤ 12.0.11 (semver)
        cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-10-14 15:00
    Credits
    https://github.com/zer0yu
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "jetty",
                "vendor": "eclipse",
                "versions": [
                  {
                    "lessThanOrEqual": "12.0.11",
                    "status": "affected",
                    "version": "7.0.0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-6763",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-15T17:44:14.448650Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-15T17:45:35.771Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-03-07T00:10:46.301Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://security.netapp.com/advisory/ntap-20250306-0005/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2/",
              "defaultStatus": "unaffected",
              "modules": [
                "jetty-http"
              ],
              "packageName": "org.eclipse.jetty:jetty-http",
              "product": "Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "12.0.11",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "https://github.com/zer0yu"
            }
          ],
          "datePublic": "2024-10-14T15:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eEclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, \u003ccode\u003eHttpURI\u003c/code\u003e, for URI/URL parsing.\u003c/p\u003e\u003cp\u003eThe \u003ccode\u003eHttpURI\u003c/code\u003e class does insufficient validation on the authority segment of a URI.  However the behaviour of \u003ccode\u003eHttpURI\u003c/code\u003e\n differs from the common browsers in how it handles a URI that would be \nconsidered invalid if fully validated against the RRC.  Specifically \u003ccode\u003eHttpURI\u003c/code\u003e\n and the browser may differ on the value of the host extracted from an \ninvalid URI and thus a combination of Jetty and a vulnerable browser may\n be vulnerable to a open redirect attack or to a SSRF attack if the URI \nis used after passing validation checks.\u003c/p\u003e"
                }
              ],
              "value": "Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing.\n\nThe HttpURI class does insufficient validation on the authority segment of a URI.  However the behaviour of HttpURI\n differs from the common browsers in how it handles a URI that would be \nconsidered invalid if fully validated against the RRC.  Specifically HttpURI\n and the browser may differ on the value of the host extracted from an \ninvalid URI and thus a combination of Jetty and a vulnerable browser may\n be vulnerable to a open redirect attack or to a SSRF attack if the URI \nis used after passing validation checks."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1286",
                  "description": "CWE-1286",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-14T15:30:38.815Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-qh8g-58pp-2wxh"
            },
            {
              "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/25"
            },
            {
              "url": "https://github.com/jetty/jetty.project/pull/12012"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Jetty URI parsing of invalid authority",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThe attacks outlined above rely on decoded user data being passed to the \u003ccode\u003eHttpURI\u003c/code\u003e class. Application should not pass decoded user data as an encoded URI to any URI class/method, including \u003ccode\u003eHttpURI\u003c/code\u003e.  Such applications are likely to be vulnerable in other ways.\u003cbr\u003e\nThe immediate solution is to upgrade to a version of the class that will\n fully validate the characters of the URI authority.  Ultimately, Jetty \nwill deprecate and remove support for user info in the authority per \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://datatracker.ietf.org/doc/html/rfc9110#section-4.2.4\"\u003eRFC9110 Section 4.2.4\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eNote that the Chrome (and other browsers) parse the \ninvalid user info section improperly as well (due to flawed WhatWG URL \nparsing rules that do not apply outside of a Web Browser).\u003c/p\u003e"
                }
              ],
              "value": "The attacks outlined above rely on decoded user data being passed to the HttpURI class. Application should not pass decoded user data as an encoded URI to any URI class/method, including HttpURI.  Such applications are likely to be vulnerable in other ways.\n\nThe immediate solution is to upgrade to a version of the class that will\n fully validate the characters of the URI authority.  Ultimately, Jetty \nwill deprecate and remove support for user info in the authority per  RFC9110 Section 4.2.4 https://datatracker.ietf.org/doc/html/rfc9110#section-4.2.4 .\n\n\nNote that the Chrome (and other browsers) parse the \ninvalid user info section improperly as well (due to flawed WhatWG URL \nparsing rules that do not apply outside of a Web Browser)."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2024-6763",
        "datePublished": "2024-10-14T15:06:07.298Z",
        "dateReserved": "2024-07-15T17:37:53.605Z",
        "dateUpdated": "2025-03-07T00:10:46.301Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-9823 (GCVE-0-2024-9823)

    Vulnerability from cvelistv5 – Published: 2024-10-14 15:03 – Updated: 2025-11-03 19:35
    VLAI
    Title
    Jetty DOS vulnerability on DosFilter
    Summary
    There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory finally.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Impacted products
    Vendor Product Version
    Eclipse Foundation Jetty Affected: 9.0.0 , < 9.4.54 (semvar)
    Affected: 10.0.0 , < 10.0.18 (semvar)
    Affected: 11.0.0 , < 11.0.18 (semver)
    Create a notification for this product.
    Eclipse Jetty Jetty Affected: 12.0.0 , < 12.0.3 (semvar)
    Create a notification for this product.
    Eclipse Jetty Jetty Affected: 12.0.0 , < 12.0.3 (semver)
    Create a notification for this product.
    eclipse jetty Affected: 9.0.0 , < 9.4.54 (semver)
    Affected: 10.0.0 , < 10.0.18 (semver)
    Affected: 11.0.0 , < 11.0.18 (semver)
    Affected: 12.0.0 , < 12.0.3 (semver)
        cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-10-14 15:00
    Credits
    Lian Kee
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "jetty",
                "vendor": "eclipse",
                "versions": [
                  {
                    "lessThan": "9.4.54",
                    "status": "affected",
                    "version": "9.0.0",
                    "versionType": "semver"
                  },
                  {
                    "lessThan": "10.0.18",
                    "status": "affected",
                    "version": "10.0.0",
                    "versionType": "semver"
                  },
                  {
                    "lessThan": "11.0.18",
                    "status": "affected",
                    "version": "11.0.0",
                    "versionType": "semver"
                  },
                  {
                    "lessThan": "12.0.3",
                    "status": "affected",
                    "version": "12.0.0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-9823",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-15T17:46:11.062398Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-15T17:49:38.804Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T19:35:02.369Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://security.netapp.com/advisory/ntap-20250306-0006/"
              },
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00001.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo.maven.apache.org/maven2/",
              "defaultStatus": "unaffected",
              "modules": [
                "jetty-servlets"
              ],
              "packageName": "org.eclipse.jetty:jetty-servlets",
              "product": "Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Foundation",
              "versions": [
                {
                  "lessThan": "9.4.54",
                  "status": "affected",
                  "version": "9.0.0",
                  "versionType": "semvar"
                },
                {
                  "lessThan": "10.0.18",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "semvar"
                },
                {
                  "lessThan": "11.0.18",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2/",
              "defaultStatus": "unaffected",
              "modules": [
                "jetty-ee8-servlets"
              ],
              "packageName": "org.eclipse.jetty.ee8:jetty-ee8-servlets",
              "product": "Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Jetty",
              "versions": [
                {
                  "lessThan": "12.0.3",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semvar"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2/",
              "defaultStatus": "unaffected",
              "modules": [
                "jetty-ee9-servlets"
              ],
              "packageName": "org.eclipse.jetty.ee8:jetty-ee9-servlets",
              "product": "Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Jetty",
              "versions": [
                {
                  "lessThan": "12.0.3",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://repo.maven.apache.org/maven2/",
              "defaultStatus": "unaffected",
              "modules": [
                "jetty-ee10-servlets"
              ],
              "packageName": "org.eclipse.jetty.ee8:jetty-ee10-servlets",
              "product": "Jetty",
              "repo": "https://github.com/jetty/jetty.project",
              "vendor": "Eclipse Jetty",
              "versions": [
                {
                  "lessThan": "12.0.3",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semvar"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Lian Kee"
            }
          ],
          "datePublic": "2024-10-14T15:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "There exists a security vulnerability in Jetty\u0027s DosFilter which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory finally.\u003cbr\u003e"
                }
              ],
              "value": "There exists a security vulnerability in Jetty\u0027s DosFilter which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory finally."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-14T15:29:14.390Z",
            "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
            "shortName": "eclipse"
          },
          "references": [
            {
              "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-7hcf-ppf8-5w5h"
            },
            {
              "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/39"
            },
            {
              "url": "https://github.com/jetty/jetty.project/issues/1256"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Jetty DOS vulnerability on DosFilter",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The \u003ccode\u003eDoSFilter\u003c/code\u003e can be configured to not use sessions for tracking usage by setting the \u003ccode\u003etrackSessions\u003c/code\u003e init parameter to \u003ccode\u003efalse\u003c/code\u003e.  This will then use only the IP tracking mechanism, which is not vulnerable.\u003cbr\u003e\nSessions can also be configured to have aggressive passivation or inactivation limits.\u003cbr\u003e"
                }
              ],
              "value": "The DoSFilter can be configured to not use sessions for tracking usage by setting the trackSessions init parameter to false.  This will then use only the IP tracking mechanism, which is not vulnerable.\n\nSessions can also be configured to have aggressive passivation or inactivation limits."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "assignerShortName": "eclipse",
        "cveId": "CVE-2024-9823",
        "datePublished": "2024-10-14T15:03:02.293Z",
        "dateReserved": "2024-10-10T15:56:32.744Z",
        "dateUpdated": "2025-11-03T19:35:02.369Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }