-
Notifications
You must be signed in to change notification settings - Fork 1.9k
Security: jetty/jetty.project
Security Navigation
Security Advisories
View information about security vulnerabilities from this repository's maintainers.
-
URI parsing of invalid authorityGHSA-qh8g-58pp-2wxh published
Oct 14, 2024 by joakimeLow -
ThreadLimitHandler.getRemote() vulnerable to remote DoS attacksGHSA-g8m5-722r-8whq published
Oct 14, 2024 by joakimeModerate -
Connection leaking on idle timeout when TCP congestedGHSA-rggv-cv7r-mw98 published
Feb 26, 2024 by joakimeHigh -
DOS vulnerability on DosFilterGHSA-7hcf-ppf8-5w5h published
Oct 14, 2024 by joakimeModerate -
Jetty accepts "+" prefixed value in Content-LengthGHSA-hmr7-m48g-48f6 published
Sep 14, 2023 by sbordetModerate -
XmlParser is allows arbitrary DOCTYPE declarationsGHSA-58qw-p7qm-5rvh published
Jul 10, 2023 by gregwLow -
Errant command quoting in `org.eclipse.jetty.servlets.CGI` ServletGHSA-3gh6-v5v9-6v9j published
Sep 14, 2023 by sbordetLow -
HTTP/2 HPACK, and HTTP/3 QPACK integer overflow and buffer allocationGHSA-wgh7-54f2-x98r published
Oct 10, 2023 by jmcc0nn3llHigh -
PushSessionCacheFilter can cause remote DoS attacksGHSA-r7m4-f9h5-gr79 published
Oct 14, 2024 by joakimeLow -
OpenId Revoked authentication allows one requestGHSA-pwh8-58vv-vw48 published
Sep 14, 2023 by sbordetLow