Org.eclipse.jetty:jetty-http
This hub aggregates every CVE we track for Org.eclipse.jetty:jetty-http, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
4
CVEs tracked
0
Critical
0
High
0
In CISA KEV
Severity distribution
LOW3MEDIUM1
Monthly trend
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
2024-072026-06
Latest CVEs
The 4 most recently published vulnerabilities affecting Org.eclipse.jetty:jetty-http.
- CVE-2025-11143The Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs. Differential parsing of URIs in systems using multiple components may result in secur...3.7
- CVE-2024-6763Jetty URI parsing of invalid authority3.7
- CVE-2023-40167Jetty accepts "+" prefixed value in Content-Length5.3
- CVE-2022-2047In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly ...2.7
Product normalization is registry-driven with AI assist and human review. How it works