Количество 8
Количество 8
CVE-2024-22201
Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The vulnerability is patched in 9.4.54, 10.0.20, 11.0.20, and 12.0.6.
CVE-2024-22201
Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The vulnerability is patched in 9.4.54, 10.0.20, 11.0.20, and 12.0.6.
CVE-2024-22201
Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The vulnerability is patched in 9.4.54, 10.0.20, 11.0.20, and 12.0.6.
CVE-2024-22201
Jetty is a Java based web server and servlet engine. An HTTP/2 SSL con ...
SUSE-SU-2024:0817-1
Security update for jetty-minimal
ROS-20240422-03
Уязвимость Jetty
GHSA-rggv-cv7r-mw98
Connection leaking on idle timeout when TCP congested
BDU:2024-03239
Уязвимость контейнера сервлетов Eclipse Jetty, связанная с неконтролируемым потреблением ресурсов, позволяющая нарушителю ограничить сервер на принятие новые соединения от действительных клиентов
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-22201 Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The vulnerability is patched in 9.4.54, 10.0.20, 11.0.20, and 12.0.6. | CVSS3: 7.5 | 0% Низкий | почти 2 года назад |
 | CVE-2024-22201 Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The vulnerability is patched in 9.4.54, 10.0.20, 11.0.20, and 12.0.6. | CVSS3: 7.5 | 0% Низкий | почти 2 года назад |
 | CVE-2024-22201 Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The vulnerability is patched in 9.4.54, 10.0.20, 11.0.20, and 12.0.6. | CVSS3: 7.5 | 0% Низкий | почти 2 года назад |
| CVE-2024-22201 Jetty is a Java based web server and servlet engine. An HTTP/2 SSL con ... | CVSS3: 7.5 | 0% Низкий | почти 2 года назад |
 | SUSE-SU-2024:0817-1 Security update for jetty-minimal | 0% Низкий | больше 1 года назад | |
 | ROS-20240422-03 Уязвимость Jetty | CVSS3: 7.5 | 0% Низкий | больше 1 года назад |
| GHSA-rggv-cv7r-mw98 Connection leaking on idle timeout when TCP congested | CVSS3: 7.5 | 0% Низкий | почти 2 года назад |
 | BDU:2024-03239 Уязвимость контейнера сервлетов Eclipse Jetty, связанная с неконтролируемым потреблением ресурсов, позволяющая нарушителю ограничить сервер на принятие новые соединения от действительных клиентов | CVSS3: 7.5 | 0% Низкий | почти 2 года назад |
Уязвимостей на страницу