CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

ROOT-APP-MAVEN-CVE-2024-6763 CVE-2024-6763 in io.root.org.eclipse.jetty:jetty-http - Patched by Root

Root has patched CVE-2024-6763 in the io.root.org.eclipse.jetty:jetty-http package for Root:Maven. Multiple fixed versions available...

3.7CVSS6.3AI score0.00986EPSS

Exploits1

IBM Security Bulletins•added 2026/05/26 6:47 a.m.•14 views

Security Bulletin: Vulnerabilities exists in IBM Cloud Pak for Data System (CPDS 1.0) - NRS.

Summary Vulnerabilities exists in IBM Cloud Pak for Data System CPDS 1.0 - NRS addressed in 3.0.5.1. Vulnerability Details CVEID:CVE-2024-6763 DESCRIPTION: Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL...

5.3CVSS6.7AI score0.00986EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/05/25 5:1 p.m.•11 views

Security Bulletin: Multiple vulnerabilities in Eclipse Jetty affects IBM Rational Functional Tester / DevOps Test UI

Summary There are vulnerabilities in Eclipse Jetty used by Rational Functional Tester RFT / DevOps Test UI Test UI. RFT/Test UI has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-8184 DESCRIPTION: There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote...

6.5CVSS6.8AI score0.01037EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/05/01 7:47 a.m.•4 views

Security Bulletin: IBM Sterling External Authentication Server is vulnerable to denial-of-service due to Jetty

Summary A security vulnerability in Jetty's ThreadLimitHandler.getRemote can be exploited by unauthorized users to cause remote denial-of-service DoS attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory. IBM Sterling External...

6.5CVSS6.7AI score0.01037EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/05/01 7:38 a.m.•4 views

Security Bulletin: IBM Sterling Secure Proxy is vulnerable to denial-of-service due to Jetty

6.5CVSS6.7AI score0.01037EPSS

Exploits1Affected Software1

OSV•added 2026/04/01 9:25 a.m.•1 views

CLEANSTART-2026-TX96881 Security fixes for CVE-2024-6763, CVE-2026-1225, ghsa-25qh-j22f-pwp8, ghsa-72hv-8253-57qq, ghsa-qh8g-58pp-2wxh, ghsa-qqpg-mvqg-649v applied in versions: 4.0.1-r2

Multiple security vulnerabilities affect the cassandra-reaper-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

5.3CVSS6.7AI score0.00986EPSS

Exploits1References9

IBM Security Bulletins•added 2026/03/27 5:58 p.m.•4 views

Security Bulletin: IBM webMethods BPM is vulnerable to a denial of service due to jetty

Summary IBM webMethods BPM uses jetty to enable embedded web server capabilities within the application. Vulnerability Details CVEID:CVE-2024-6763 DESCRIPTION: Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for...

5.3CVSS5.9AI score0.00986EPSS

Exploits1Affected Software1

F5 Networks•added 2025/11/13 8:41 p.m.•5 views

K000157844: Jetty vulnerabilities CVE-2023-36478, CVE-2024-6763, CVE-2023-26049, CVE-2024-8184, and CVE-2023-41900

Security Advisory Description CVE-2023-36478 Eclipse Jetty provides a web server and servlet container. In versions 11.0.0 through 11.0.15, 10.0.0 through 10.0.15, and 9.0.0 through 9.4.52, an integer overflow in MetaDataBuilder.checkSize allows for HTTP/2 HPACK header values to exceed their size...

7.5CVSS7.4AI score0.03754EPSS

Exploits3

IBM Security Bulletins•added 2025/09/09 3:22 p.m.•4 views

Security Bulletin: Insufficient URI Authority Validation in Eclipse Jetty's HttpURI Class Enables Open Redirect and SSRF Risks, affects watsonx.data

Summary Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing. The HttpURI class does insufficient validation on the authority segment of a URI. However the behaviour of HttpURI differs from the common...

6.5CVSS6.6AI score0.01037EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/06/25 9:37 a.m.•5 views

Security Bulletin: IBM Maximo Application Suite - IoT Component uses jetty-http-10.0.22.jar and jinja2-3.1.5-py3-none-any.whl which is vulnerable to CVE-2025-27516 and CVE-2024-6763

Summary IBM Maximo Application Suite - IoT Component uses jetty-http-10.0.22.jar and jinja2-3.1.5-py3-none-any.whl which is vulnerable to CVE-2025-27516 and CVE-2024-6763. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-6763...

8.8CVSS7.3AI score0.00986EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/06/20 12:0 p.m.•5 views

Security Bulletin: Vulnerability in jetty-server affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2024-6763, CVE-2024-8184]

Summary The jetty-server package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEs CVE-2024-6763, CVE-2024-8184 Vulnerability Details CVEID:CVE-2024-6763 DESCRIPTION: Eclipse Jetty is a lightweight, highly scalable, Java-based web...

6.5CVSS5.7AI score0.01037EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/06/20 11:36 a.m.•1 views

Security Bulletin: Vulnerability in jetty-http affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2024-6763]

Summary The jetty-http package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEs CVE-2024-6763 Vulnerability Details CVEID:CVE-2024-6763 DESCRIPTION: Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet...

5.3CVSS5.1AI score0.00986EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/06/03 8:19 a.m.•7 views

Security Bulletin: IBM Engineering Systems Design Rhapsody affected by CVE-2024-6763

Summary jetty-http-12.0.9.jar, jetty-server-12.0.9.jar was vulnerable and IBM Engineering Systems Design Rhapsodyhas upgraded JARs to org.eclipse.jetty:jetty-http:12.0.12;org.eclipse.jetty:jetty-server:12.0.12 Vulnerability Details CVEID:CVE-2024-6763 DESCRIPTION: Eclipse Jetty is a lightweight,...

5.3CVSS6.1AI score0.00986EPSS

Exploits1Affected Software1

OpenVAS•added 2025/06/02 12:0 a.m.•8 views

openSUSE Security Advisory (SUSE-SU-2025:01738-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS6.8AI score0.00986EPSS

Exploits1References5

Tenable Nessus•added 2025/05/30 12:0 a.m.•8 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : jetty-minimal (SUSE-SU-2025:01738-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01738-1 advisory. Upgrade to version 9.4.57.v20241219 - CVE-2024-6763: the HttpURI class does insufficient...

7.2CVSS6.8AI score0.00986EPSS

Exploits1References7

OPENSUSE Linux•added 2025/05/27 12:0 a.m.•5 views

jetty-annotations-9.4.57-1.1 on GA media (moderate)

jetty-annotations-9.4.57-1.1 on GA media Announcement ID: openSUSE-SU-2025:15160-1 Rating: moderate Cross-References: CVE-2024-13009 CVE-2024-6763 CVSS scores: CVE-2024-13009 SUSE : 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N CVE-2024-6763 SUSE : 4.8...

7.2CVSS7.4AI score0.00986EPSS

Exploits1

IBM Security Bulletins•added 2025/04/14 10:52 a.m.•26 views

Security Bulletin: IBM Asset Data Dictionary uses jetty-http-9.4.48.v20220622.jar which is vulnerable to CVE-2024-6763.

Summary IBM Asset Data Dictionary uses jetty-http-9.4.48.v20220622.jar which is vulnerable to CVE-2024-6763. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-6763 DESCRIPTION: Eclipse Jetty is a lightweight, highly scalable,...

5.3CVSS6.6AI score0.00986EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/04/10 2:14 p.m.•23 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities reported in Jetty server (CVE-2024-8184, CVE-2024-6763)

Summary Multiple vulnerabilities over Eclipse Jetty is affecting IBM Sterling Control Center v6.3.1.0 and v6.4.0.0. Customers must upgrade to latest patch below to address this vulnerability. Vulnerability Details CVEID:CVE-2024-8184 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service...

6.5CVSS5.8AI score0.01037EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/04/01 10:37 a.m.•21 views

Security Bulletin: There is a vulnerability in jetty-server-9.4.53.v20231009.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2024-6763)

Summary There is a vulnerability in jetty-server-9.4.53.v20231009.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2024-6763 DESCRIPTION: Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includ...

6.5CVSS7AI score0.01037EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/04/01 3:34 a.m.•17 views

Security Bulletin: IBM Storage Protect Server is vulnerable due to Eclipse Jetty (CVE-2024-6763)

Summary IBM Storage Protect Server uses Eclipse Jetty and may be vulnerable to an open redirect attack due to issues with HttpURI parsing and validation checks. Vulnerability Details CVEID:CVE-2024-6763 DESCRIPTION: Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servle...

5.3CVSS6.9AI score0.00986EPSS

Exploits1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by