| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-40939 | DSF: Missing Session Timeout for OIDC Sessions | datasharingframework | dsf | - | - | 2026-04-21 21:07:11 | Deep Dive |
| CVE-2026-2332 | HTTP Request Smuggling via Chunked Extension Quoted-String Parsing | Eclipse Foundation | Eclipse Jetty | High | 7.4 | 2026-04-14 10:59:10 | Deep Dive |
| CVE-2026-5795 | Eclipse Jetty 授权问题漏洞 | Eclipse Foundation | Eclipse Jetty | High | 7.4 | 2026-04-08 13:32:29 | Deep Dive |
| CVE-2026-1605 | Eclipse Jetty 安全漏洞 | Eclipse Foundation | Eclipse Jetty | High | 7.5 | 2026-03-05 09:39:01 | Deep Dive |
| CVE-2025-11143 | Eclipse Jetty 输入验证错误漏洞 | Eclipse Foundation | Eclipse Jetty | Low | 3.7 | 2026-03-05 09:27:00 | Deep Dive |
| CVE-2025-5115 | MadeYouReset HTTP/2 vulnerability | Eclipse Jetty | Eclipse Jetty | - | - | 2025-08-20 19:07:12 | Deep Dive |
| CVE-2025-1948 | Eclipse Jetty HTTP clients can increase memory allocation | Eclipse Foundation | Jetty | High | 7.5 | 2025-05-08 17:48:41 | Deep Dive |
| CVE-2024-13009 | Eclipse Jetty GZIP buffer release | Eclipse Foundation | Jetty | High | 7.2 | 2025-05-08 17:29:31 | Deep Dive |
| CVE-2024-8184 | Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks | Eclipse Foundation | Jetty | Medium | 5.9 | 2024-10-14 15:09:38 | Deep Dive |
| CVE-2024-6762 | Jetty PushSessionCacheFilter can cause remote DoS attacks | Eclipse Foundation | Jetty | Low | 3.1 | 2024-10-14 15:07:11 | Deep Dive |
| CVE-2024-6763 | Jetty URI parsing of invalid authority | Eclipse Foundation | Jetty | Low | 3.7 | 2024-10-14 15:06:07 | Deep Dive |
| CVE-2024-9823 | Jetty DOS vulnerability on DosFilter | Eclipse Foundation | Jetty | Medium | 5.3 | 2024-10-14 15:03:02 | Deep Dive |
| CVE-2024-22201 | Jetty connection leaking on idle timeout when TCP congested | jetty | jetty.project | High | 7.5 | 2024-02-26 16:13:34 | Deep Dive |
| CVE-2023-36478 | HTTP/2 HPACK integer overflow and buffer allocation | eclipse | jetty.project | High | 7.5 | 2023-10-10 16:53:07 | Deep Dive |
| CVE-2023-41900 | Jetty's OpenId Revoked authentication allows one request | eclipse | jetty.project | Low | 3.5 | 2023-09-15 20:17:42 | Deep Dive |
| CVE-2023-40167 | Jetty accepts "+" prefixed value in Content-Length | eclipse | jetty.project | Medium | 5.3 | 2023-09-15 19:37:38 | Deep Dive |
| CVE-2023-36479 | Jetty vulnerable to errant command quoting in CGI Servlet | eclipse | jetty.project | Low | 3.5 | 2023-09-15 18:37:36 | Deep Dive |
| CVE-2023-26049 | Cookie parsing of quoted values can exfiltrate values from other cookies in Eclipse Jetty | eclipse | jetty.project | Low | 2.4 | 2023-04-18 20:35:37 | Deep Dive |
| CVE-2023-26048 | OutOfMemoryError for large multipart without filename in Eclipse Jetty | eclipse | jetty.project | Medium | 5.3 | 2023-04-18 20:30:20 | Deep Dive |
| CVE-2022-2191 | Eclipse Jetty 安全漏洞 | The Eclipse Foundation | Eclipse Jetty | High | 7.5 | 2022-07-07 20:45:16 | Deep Dive |