CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-6294

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.01719EPSS

Exploits1References8

SUSE CVE•added 2023/02/15 3:32 a.m.•0 views

SUSE CVE-2022-2191

In Eclipse Jetty versions 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, SslConnection does not release ByteBuffers from configured ByteBufferPool in case of error code paths...

7.5CVSS8.9AI score0.01719EPSS

Exploits1References3

NVD•added 2022/07/07 9:15 p.m.•13 views

CVE-2022-2191

In Eclipse Jetty versions 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, SslConnection does not release ByteBuffers from configured ByteBufferPool in case of error code paths...

7.5CVSS0.01719EPSS

Exploits1References2

ATTACKERKB•added 2022/07/07 9:15 p.m.•1 views

CVE-2022-2191

In Eclipse Jetty versions 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, SslConnection does not release ByteBuffers from configured ByteBufferPool in case of error code paths...

7.5CVSS7.2AI score0.01719EPSS

Exploits1References3Affected Software1

OSV•added 2022/07/07 9:15 p.m.•26 views

CVE-2022-2191

In Eclipse Jetty versions 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, SslConnection does not release ByteBuffers from configured ByteBufferPool in case of error code paths...

7.5CVSS8.6AI score

Exploits0References2

Prion•added 2022/07/07 9:15 p.m.•27 views

Code injection

In Eclipse Jetty versions 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, SslConnection does not release ByteBuffers from configured ByteBufferPool in case of error code paths...

5CVSS7.4AI score0.01719EPSS

Exploits1References2Affected Software1

OSV•added 2022/07/07 9:15 p.m.•1 views

UBUNTU-CVE-2022-2191

In Eclipse Jetty versions 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, SslConnection does not release ByteBuffers from configured ByteBufferPool in case of error code paths...

7.5CVSS7.2AI score0.01719EPSS

Exploits1References3

CVE•added 2022/07/07 8:45 p.m.•203 views

CVE-2022-2191

CVE-2022-2191 affects Eclipse Jetty by failing to release ByteBuffers from ByteBufferPool in error paths in Jetty 10.0.0–10.0.9 and 11.0.0–11.0.9. The described root cause is a ByteBuffer lifecycle issue in SslConnection, leading to a potential denial of service with high availability impact. Pub...

7.5CVSS7.5AI score0.01719EPSS

Exploits1References2Affected Software1

Debian CVE•added 2022/07/07 8:45 p.m.•49 views

CVE-2022-2191

In Eclipse Jetty versions 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, SslConnection does not release ByteBuffers from configured ByteBufferPool in case of error code paths...

7.5CVSS7.7AI score0.01719EPSS

Exploits1

Tenable Nessus•added 2021/10/04 12:0 a.m.•24 views

Jetty 9.4.27 < 9.4.30 Buffer Overflow

The version of Jetty installed on the remote host when handling too large response headers throws an exception to produce an HTTP 431 error. When this happens, the ByteBuffer containing the HTTP response headers is released back to the ByteBufferPool twice. Because of this double release, two...

9.4CVSS9.6AI score0.30928EPSS

Exploits0References2

OSV•added 2020/08/05 2:52 p.m.•36 views

GHSA-X3RH-M7VP-35F2 Operation on a Resource after Expiration or Release in Jetty Server

In Eclipse Jetty, versions 9.4.27.v20200227 to 9.4.29.v20200521, in case of too large response headers, Jetty throws an exception to produce an HTTP 431 error. When this happens, the ByteBuffer containing the HTTP response headers is released back to the ByteBufferPool twice. Because of this doub...

9.4CVSS9.5AI score0.30928EPSS

Exploits0References21