漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks
Vulnerability Description
There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
Eclipse Jetty 安全漏洞
Vulnerability Description
Eclipse Jetty是Eclipse基金会的一个开源的、基于Java的Web服务器和Java Servlet容器。 Eclipse Jetty存在安全漏洞,该漏洞源于未经授权的用户可以通过发送精心构造的请求来触发该漏洞,导致服务器出现内存溢出错误并耗尽服务器内存,从而引发远程拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A