VulnerableCode Package Details - pkg:deb/debian/jetty9@9.4.50-4%2Bdeb12u1

Search for packages

Package details: pkg:deb/debian/jetty9@9.4.50-4%2Bdeb12u1

Essentials
History (0)

purl	pkg:deb/debian/jetty9@9.4.50-4%2Bdeb12u1
Tags	Ghost

Next non-vulnerable version	9.4.57-0+deb12u1
Latest non-vulnerable version	9.4.57-1
Risk	10.0

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-1pjh-3upb-aaaq Aliases: CVE-2023-36478 GHSA-wgh7-54f2-x98r	HTTP/2 HPACK integer overflow and buffer allocation	9.4.50-4+deb12u2 Affected by 0 other vulnerabilities.
VCID-6y3x-kyj7-aaaf Aliases: CVE-2023-44487 GHSA-qppj-fm5r-hxr3 VSV00013	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.	9.4.50-4+deb12u2 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version