Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Eclipse Jetty GZIP buffer release
Vulnerability Description
In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request body. This can result in corrupted and/or inadvertent sharing of data between requests.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Vulnerability Type
不恰当的资源关闭或释放
Vulnerability Title
Eclipse Jetty 安全漏洞
Vulnerability Description
Eclipse Jetty是Eclipse基金会的一个开源的、基于Java的Web服务器和Java Servlet容器。 Eclipse Jetty 9.4.0版本至9.4.56版本存在安全漏洞,该漏洞源于在解压缩请求主体时遇到gzip错误时可能错误释放缓冲区,可能导致请求间数据损坏或意外共享。
CVSS Information
N/A
Vulnerability Type
N/A