PT-2026-23445

Name of the Vulnerable Software and Affected Versions Eclipse Jetty versions 12.0.0 through 12.0.31 Eclipse Jetty versions 12.1.0 through 12.1.5 Description Eclipse Jetty’s GzipHandler class has an issue where a memory leak occurs when processing a compressed HTTP request Content-Encoding: gzip...

CVE-2026-1605

In Eclipse Jetty, versions 12.0.0-12.0.31 and 12.1.0-12.0.5, class GzipHandler exposes a vulnerability when a compressed HTTP request, with Content-Encoding: gzip, is processed and the corresponding response is not compressed. This happens because the JDK Inflater is allocated for decompressing t...