Known vulnerabilities in Eclipse Jetty

Vendor: Eclipse

Website: https://eclipse.org

Total Security Bulletins: 28

Security bulletins (28)

Secuity bulletin	Severity	Status	Published
SB2025082101: HTTP/2 Made You Reset Attack in Jetty	Medium	Patched	21.08.2025
SB2025050925: Improper input validation in Jetty GzipHandler	Medium	Patched	09.05.2025
SB2025050924: Remote denial of service in Jetty	Medium	Patched	09.05.2025
SB20241014113: Remote denial of service in Eclipse Jetty PushCacheFilter	Medium	Patched	14.10.2024
SB20241014112: Remote denial of service in Eclipse Jetty DosFilter	Medium	Patched	14.10.2024
SB20241014108: Remote denial of service in Eclipse Jetty	Medium	Patched	14.10.2024
SB20241014107: SSRF in Eclipse Jetty	Medium	Patched	14.10.2024
SB2024022652: Remote denial of service in Eclipse Jetty	Medium	Patched	26.02.2024
SB2024020926: Inconsistent interpretation of HTTP requests in IBM Cloud Pak for Data System	Medium	Patched	09.02.2024
SB2023101119: Rapid Reset Attack in Eclipse Jetty	High	Patched Exploited	11.10.2023
SB2023101018: Remote denial of service in Eclipse Jetty	Medium	Patched	10.10.2023
SB2023091440: Multiple vulnerabilities in Eclipse Jetty	Medium	Patched	14.09.2023
SB2023071038: XXE in Eclipse Jetty	Low	Patched	10.07.2023
SB2023041842: Multiple vulnerabilities in Eclipse Jetty	Medium	Patched	18.04.2023
SB2022072723: Multiple vulnerabilities in Eclipse Jetty	Medium	Patched	27.07.2022
SB2021093014: Information disclosure in Eclipse Jetty	Medium	Patched Public exploit	30.09.2021
SB2021080801: Insufficient session expiration in Eclipse Jetty	Low	Patched	08.08.2021
SB2021060910: Information disclosure in Eclipse Jetty	Medium	Patched	09.06.2021
SB2021040179: Multiple vulnerabilities in Jetty	Medium	Patched Public exploit	01.04.2021
SB2020121307: Privilege escalation in Eclipse Jetty	Low	Patched	13.12.2020
SB2020070939: Operation on a Resource after Expiration or Release in Eclipse Jetty	High	Patched	09.07.2020
SB2019112514: Cross-site scripting in Eclipse Jetty	Low	Patched	25.11.2019
SB2019051138: Information disclosure in Eclipse Jetty	Medium	Patched	11.05.2019
SB2019032714: Input validation error in Eclipse Jetty	Medium	Patched	27.03.2019
SB2018070205: Multiple vulnerabilities in Eclipse Jetty	Low	Patched	02.07.2018
SB2018041212: Multiple vulnerabilities in Juniper products	High	Patched Exploited	12.04.2018
SB2017061704: Security restrictions bypass in Eclipse Jetty	Low	Patched	17.06.2017
SB2016060101: Security restrictions bypass in Jetty	Medium	Patched	01.06.2016