Search for packages
| purl | pkg:maven/org.eclipse.jetty/jetty-server@9.4.54.v20240208 |
| Next non-vulnerable version | 9.4.57.v20241219 |
| Latest non-vulnerable version | 12.0.9 |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-8d2b-qrs3-7fgg
Aliases: CVE-2024-8184 GHSA-g8m5-722r-8whq |
Eclipse Jetty's ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks |
Affected by 1 other vulnerability. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-juk7-qcef-zyer
Aliases: CVE-2024-13009 GHSA-q4rv-gq96-w7c5 |
**UNSUPPORTED WHEN ASSIGNED** GzipHandler causes part of request body to be seen as request body of a separate request In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request body. This can result in corrupted and/or inadvertent sharing of data between requests. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-20T17:21:14.767410+00:00 | GitLab Importer | Affected by | VCID-juk7-qcef-zyer | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.eclipse.jetty/jetty-server/CVE-2024-13009.yml | 36.1.3 |
| 2025-06-08T23:53:15.337483+00:00 | GitLab Importer | Affected by | VCID-juk7-qcef-zyer | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.eclipse.jetty/jetty-server/CVE-2024-13009.yml | 36.1.0 |
| 2024-11-02T01:10:46.456800+00:00 | GHSA Importer | Affected by | VCID-8d2b-qrs3-7fgg | https://github.com/advisories/GHSA-g8m5-722r-8whq | 34.0.2 |