VulnerableCode Package Details - pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.53

Search for packages

Vulnerability	Summary	Fixed by
VCID-ggqc-qjf8-aaad Aliases: CVE-2024-22201 GHSA-rggv-cv7r-mw98	Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The vulnerability is patched in 9.4.54, 10.0.20, 11.0.20, and 12.0.6.	9.4.54 Affected by 0 other vulnerabilities. 9.4.54.v20240208 Affected by 0 other vulnerabilities. 10.0.20 Affected by 0 other vulnerabilities. 11.0.20 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-ggqc-qjf8-aaad
Aliases:
CVE-2024-22201
GHSA-rggv-cv7r-mw98

Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The vulnerability is patched in 9.4.54, 10.0.20, 11.0.20, and 12.0.6.

9.4.54
Affected by 0 other vulnerabilities.

9.4.54.v20240208
Affected by 0 other vulnerabilities.

10.0.20
Affected by 0 other vulnerabilities.

11.0.20
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-09T23:20:30.964835+00:00	GitLab Importer	Fixing	VCID-6y3x-kyj7-aaaf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.eclipse.jetty.http2/http2-common/CVE-2023-44487.yml	36.1.0
2025-06-09T22:37:44.390776+00:00	GHSA Importer	Fixing	VCID-6y3x-kyj7-aaaf	https://github.com/advisories/GHSA-qppj-fm5r-hxr3	36.1.0
2025-06-09T20:18:36.349290+00:00	GithubOSV Importer	Fixing	VCID-6y3x-kyj7-aaaf	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/10/GHSA-qppj-fm5r-hxr3/GHSA-qppj-fm5r-hxr3.json	36.1.0
2025-04-04T11:33:15.431877+00:00	GithubOSV Importer	Fixing	VCID-6y3x-kyj7-aaaf	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/10/GHSA-qppj-fm5r-hxr3/GHSA-qppj-fm5r-hxr3.json	36.0.0
2025-03-29T10:49:54.957976+00:00	GHSA Importer	Affected by	VCID-ggqc-qjf8-aaad	https://github.com/advisories/GHSA-rggv-cv7r-mw98	36.0.0
2025-03-29T10:49:40.684385+00:00	GHSA Importer	Fixing	VCID-6y3x-kyj7-aaaf	https://github.com/advisories/GHSA-qppj-fm5r-hxr3	36.0.0
2025-03-28T16:49:04.434539+00:00	GitLab Importer	Fixing	VCID-6y3x-kyj7-aaaf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.eclipse.jetty.http2/http2-common/CVE-2023-44487.yml	36.0.0
2025-01-16T20:09:04.883486+00:00	GithubOSV Importer	Fixing	VCID-6y3x-kyj7-aaaf	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/10/GHSA-qppj-fm5r-hxr3/GHSA-qppj-fm5r-hxr3.json	35.1.0
2024-12-23T15:31:12.626404+00:00	GHSA Importer	Fixing	VCID-6y3x-kyj7-aaaf	https://github.com/advisories/GHSA-qppj-fm5r-hxr3	35.0.0
2024-12-23T03:16:51.202744+00:00	GitLab Importer	Fixing	VCID-6y3x-kyj7-aaaf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.eclipse.jetty.http2/http2-common/CVE-2023-44487.yml	35.0.0
2024-10-15T19:17:20.051769+00:00	GithubOSV Importer	Fixing	VCID-6y3x-kyj7-aaaf	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/10/GHSA-qppj-fm5r-hxr3/GHSA-qppj-fm5r-hxr3.json	34.0.2
2024-10-14T21:48:14.568275+00:00	GitLab Importer	Fixing	VCID-6y3x-kyj7-aaaf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.eclipse.jetty.http2/http2-common/CVE-2023-44487.yml	34.0.2
2024-09-18T09:22:23.168171+00:00	GithubOSV Importer	Fixing	VCID-6y3x-kyj7-aaaf	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/10/GHSA-qppj-fm5r-hxr3/GHSA-qppj-fm5r-hxr3.json	34.0.1
2024-09-17T22:00:55.280847+00:00	GHSA Importer	Affected by	VCID-ggqc-qjf8-aaad	https://github.com/advisories/GHSA-rggv-cv7r-mw98	34.0.1
2024-09-17T22:00:44.186259+00:00	GHSA Importer	Fixing	VCID-6y3x-kyj7-aaaf	https://github.com/advisories/GHSA-qppj-fm5r-hxr3	34.0.1
2024-04-23T23:14:28.109910+00:00	GithubOSV Importer	Fixing	VCID-6y3x-kyj7-aaaf	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/10/GHSA-qppj-fm5r-hxr3/GHSA-qppj-fm5r-hxr3.json	34.0.0rc4
2024-04-23T17:39:58.338213+00:00	GHSA Importer	Affected by	VCID-ggqc-qjf8-aaad	https://github.com/advisories/GHSA-rggv-cv7r-mw98	34.0.0rc4
2024-04-23T17:39:47.390515+00:00	GHSA Importer	Fixing	VCID-6y3x-kyj7-aaaf	https://github.com/advisories/GHSA-qppj-fm5r-hxr3	34.0.0rc4

2025-06-09T23:20:30.964835+00:00

GitLab Importer

Fixing

purl	pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.53
Tags	Ghost

Next non-vulnerable version	9.4.54.v20240208
Latest non-vulnerable version	11.0.20
Risk	4.0