from 0, < 9.4.50-4+deb11u1
CRITICAL9.8CVE-2017-7658Jetty vulnerable to authorization bypass due to inconsistent HTTP request handling (HTTP Request Smuggling) from 0, < 9.2.25-1
CRITICAL9.8Critical severity vulnerability that affects org.eclipse.jetty:jetty-server
from 0, < 9.2.25-1
CRITICAL9.4Operation on a Resource after Expiration or Release in Jetty Server
from 0, < 9.4.31-1
HIGH7.5jetty12 - security update
from 0, < 9.4.57-0+deb11u3
HIGH7.5jetty12 - security update
from 0, < 9.4.57-1.1~deb12u1
HIGH7.5jetty12 - security update
from 0, < 9.4.57-0+deb11u3
HIGH7.5jetty9 - security update
from 0, < 9.4.50-4+deb11u2
HIGH7.5jetty9 - security update
from 0, < 9.4.50-4+deb11u2
HIGH7.5jetty9 - security update
from 0, < 9.4.50-4+deb10u2
HIGH7.5jetty9 - security update
from 0, < 9.4.50-4+deb11u1
HIGH7.5jetty9 - security update
from 0, < 9.4.50-4+deb11u1
HIGH7.5Jetty vulnerable to Invalid HTTP/2 requests that can lead to denial of service
from 0, < 9.4.39-3+deb11u1
HIGH7.5Jetty vulnerable to incorrect handling of invalid large TLS frame, exhausting CPU resources
from 0, < 9.4.39-1
HIGH7.5jetty9 - security update
from 0, < 9.2.21-1+deb9u1
HIGH7.5jetty9 - security update
from 0, < 9.2.25-1
HIGH7.5jetty9 - security update
from 0, < 9.2.22-1
HIGH7.5jetty9 - security update
from 0, < 9.2.30-0+deb9u1
HIGH7.4Jetty has HTTP Request Smuggling via Chunked Extension Quoted-String Parsing
from 0
HIGH7.4Eclipse Jetty: Early return from the JASPIAuthenticator code can potentially no clear ThreadLocal variables
from 0
HIGH7.2jetty9 - security update
from 0, < 9.4.57-0+deb11u1
HIGH7.2jetty9 - security update
from 0, < 9.4.57-0+deb12u1
HIGH7.2jetty9 - security update
from 0, < 9.4.57-0+deb11u1
HIGH7.0Local Temp Directory Hijacking Vulnerability
from 0, < 9.4.33-1
MEDIUM6.1Unescaped exception messages in error responses in Jetty
from 0, < 9.4.26-1
MEDIUM6.1jetty9 - security update
from 0, < 9.4.16-0+deb10u1
MEDIUM6.1jetty9 - security update
from 0, < 9.4.18-2
MEDIUM5.9Eclipse Jetty's ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks
from 0, < 9.4.57-0+deb11u1
MEDIUM5.3Eclipse Jetty has a denial of service vulnerability on DosFilter
from 0, < 9.4.57-0+deb11u1
MEDIUM5.3Jetty accepts "+" prefixed value in Content-Length
from 0, < 9.4.39-3+deb11u2
MEDIUM5.3jetty9 - security update
from 0, < 9.4.16-0+deb10u3
MEDIUM5.3jetty9 - security update
from 0, < 9.4.39-3+deb11u2
MEDIUM5.3jetty9 - security update
from 0, < 9.4.39-3+deb11u2
MEDIUM5.3Encoded URIs can access WEB-INF directory in Eclipse Jetty
from 0, < 9.4.39-3
MEDIUM5.3jetty9 - security update
from 0, < 9.4.39-2
MEDIUM5.3jetty9 - security update
from 0, < 9.2.30-0+deb9u2
MEDIUM5.3Authorization Before Parsing and Canonicalization in jetty
from 0, < 9.4.39-1
MEDIUM5.3DOS vulnerability for Quoted Quality CSV headers
from 0, < 9.4.38-1
MEDIUM5.3Installation information leak in Eclipse Jetty
from 0, < 9.4.18-2
MEDIUM5.3Eclipse Jetty Server generates error message containing sensitive information
from 0, < 9.2.25-1
MEDIUM4.8jetty9 - security update
from 0, < 9.4.50-4+deb10u1
MEDIUM4.8jetty9 - security update
from 0, < 9.4.35-1
LOW3.7org.eclipse.jetty:jetty-http has different parsing of invalid URIs
from 0
LOW3.7Eclipse Jetty URI parsing of invalid authority
from 0
LOW3.5Jetty's OpenId Revoked authentication allows one request
from 0, < 9.4.39-3+deb11u2
LOW3.5Jetty vulnerable to errant command quoting in CGI Servlet
from 0, < 9.4.39-3+deb11u2
LOW3.5SessionListener can prevent a session from being invalidated breaking logout
from 0, < 9.4.39-2
LOW3.1Eclipse Jetty's PushSessionCacheFilter can cause remote DoS attacks
from 0, < 9.4.57-0+deb11u1
LOW2.7jetty9 - security update
from 0, < 9.4.39-3+deb11u1
LOW2.7jetty9 - security update
from 0, < 9.4.39-3+deb11u1
LOW2.7jetty9 - security update
from 0, < 9.4.16-0+deb10u2
LOW2.7Directory exposure in jetty
from 0, < 9.4.39-1
LOW2.4Eclipse Jetty's cookie parsing of quoted values can exfiltrate values from other cookies
from 0, < 9.4.39-3+deb11u2