VulnerableCode Package Details - pkg:maven/org.eclipse.jetty.http2/http2-server@11.0.15

Search for packages

Package details: pkg:maven/org.eclipse.jetty.http2/http2-server@11.0.15

Essentials
History (2)

purl	pkg:maven/org.eclipse.jetty.http2/http2-server@11.0.15

Next non-vulnerable version	11.0.17
Latest non-vulnerable version	11.0.17
Risk	10.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-c4d1-jsqh-hban Aliases: CVE-2023-44487 GHSA-qppj-fm5r-hxr3 VSV00013	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.	11.0.17 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-03T18:51:22.824126+00:00	GitLab Importer	Affected by	VCID-c4d1-jsqh-hban	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.eclipse.jetty.http2/http2-server/CVE-2023-44487.yml	37.0.0
2025-07-03T17:50:58.411277+00:00	GHSA Importer	Affected by	VCID-c4d1-jsqh-hban	https://github.com/advisories/GHSA-qppj-fm5r-hxr3	37.0.0