Jetty.project
This hub aggregates every CVE we track for Jetty.project, a product in the devtools ci space. Use it to gauge the current risk picture and drill into individual advisories.
7
CVEs tracked
0
Critical
2
High
0
In CISA KEV
Severity distribution
LOW3HIGH2MEDIUM2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 7 most recently published vulnerabilities affecting Jetty.project.
- CVE-2024-22201Jetty connection leaking on idle timeout when TCP congested7.5
- CVE-2023-36478HTTP/2 HPACK integer overflow and buffer allocation7.5
- CVE-2023-41900Jetty's OpenId Revoked authentication allows one request3.5
- CVE-2023-40167Jetty accepts "+" prefixed value in Content-Length5.3
- CVE-2023-36479Jetty vulnerable to errant command quoting in CGI Servlet3.5
- CVE-2023-26049Cookie parsing of quoted values can exfiltrate values from other cookies in Eclipse Jetty2.4
- CVE-2023-26048OutOfMemoryError for large multipart without filename in Eclipse Jetty5.3
Product normalization is registry-driven with AI assist and human review. How it works