All 7 CVE vulnerabilities found in jetty.project, with AI-generated Chinese analysis, references, and POCs.
Vendor: eclipse
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-22201 | Jetty connection leaking on idle timeout when TCP congested CWE-400 | 7.5 | High | 2024-02-26 |
| CVE-2023-36478 | HTTP/2 HPACK integer overflow and buffer allocation CWE-190 | 7.5 | High | 2023-10-10 |
| CVE-2023-41900 | Jetty's OpenId Revoked authentication allows one request CWE-1390 | 3.5 | Low | 2023-09-15 |
| CVE-2023-40167 | Jetty accepts "+" prefixed value in Content-Length CWE-130 | 5.3 | Medium | 2023-09-15 |
| CVE-2023-36479 | Jetty vulnerable to errant command quoting in CGI Servlet CWE-149 | 3.5 | Low | 2023-09-15 |
| CVE-2023-26049 | Cookie parsing of quoted values can exfiltrate values from other cookies in Eclipse Jetty CWE-200 | 2.4 | Low | 2023-04-18 |
| CVE-2023-26048 | OutOfMemoryError for large multipart without filename in Eclipse Jetty CWE-400 | 5.3 | Medium | 2023-04-18 |
All 7 known CVE vulnerabilities affecting jetty.project with full Chinese analysis, references, and POCs where available.