| Bug | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|
| CVE-2024-9823 | vulnerable | vulnerable | vulnerable | vulnerable | fixed | fixed | There exists a security vulnerability in Jetty's DosFilter which can b ... |
| CVE-2024-8184 | vulnerable | vulnerable | vulnerable | vulnerable | fixed | fixed | There exists a security vulnerability in Jetty's ThreadLimitHandler.ge ... |
| CVE-2024-6763 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | Eclipse Jetty is a lightweight, highly scalable, Java-based web server ... |
| CVE-2024-6762 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | Jetty PushSessionCacheFilter can be exploited by unauthenticated users ... |
| CVE-2023-40167 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | Jetty is a Java based web server and servlet engine. Prior to versions ... |
| CVE-2023-36479 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | Eclipse Jetty Canonical Repository is the canonical repository for the ... |
| CVE-2023-26049 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | Jetty is a java based web server and servlet engine. Nonstandard cooki ... |
| CVE-2023-26048 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | Jetty is a java based web server and servlet engine. In affected versi ... |
| CVE-2022-2047 | vulnerable (no DSA, postponed) | fixed | fixed | fixed | fixed | fixed | In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, a ... |
| CVE-2021-28165 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0. ... |
| CVE-2020-27218 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 ... |
| Bug | Description |
|---|
| CVE-2024-22201 | Jetty is a Java based web server and servlet engine. An HTTP/2 SSL con ... |
| CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consum ... |
| CVE-2023-41900 | Jetty is a Java based web server and servlet engine. Versions 9.4.21 t ... |
| CVE-2023-36478 | Eclipse Jetty provides a web server and servlet container. In versions ... |
| CVE-2022-2191 | In Eclipse Jetty versions 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 v ... |
| CVE-2022-2048 | In Eclipse Jetty HTTP/2 server implementation, when encountering an in ... |
| CVE-2021-34429 | For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0. ... |
| CVE-2021-34428 | For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exce ... |
| CVE-2021-28169 | For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is poss ... |
| CVE-2021-28164 | In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default com ... |
| CVE-2021-28163 | In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0. ... |
| CVE-2020-27223 | In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0 ... |
| CVE-2020-27216 | In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thr ... |
| CVE-2019-17638 | In Eclipse Jetty, versions 9.4.27.v20200227 to 9.4.29.v20200521, in ca ... |
| CVE-2019-17632 | In Eclipse Jetty versions 9.4.21.v20190926, 9.4.22.v20191022, and 9.4. ... |
| CVE-2019-10247 | In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, ... |
| CVE-2019-10246 | In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server runnin ... |
| CVE-2019-10241 | In Eclipse Jetty version 9.2.26 and older, 9.3.25 and older, and 9.4.1 ... |
| CVE-2018-12545 | In Eclipse Jetty version 9.3.x and 9.4.x, the server is vulnerable to ... |
| CVE-2018-12538 | In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional ... |
| CVE-2018-12536 | In Eclipse Jetty Server, all 9.x versions, on webapps deployed using d ... |
| CVE-2017-9735 | Jetty through 9.4.x is prone to a timing channel in util/security/Pass ... |
| CVE-2017-7658 | In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP ... |
| CVE-2017-7657 | In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations) ... |
| CVE-2017-7656 | In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations) ... |
| CVE-2016-4800 | The path normalization mechanism in PathResource class in Eclipse Jett ... |