GHSA-XXH7-FCF3-RJ7F The Eclipse Jetty Server Artifact has a Gzip request memory leak

Description as reported There is a memory leak when using GzipHandler in jetty-12.0.30 that can cause off-heap OOMs. This can be used for DoS attacks so I'm reporting this as a vulnerability. The leak is created by requests where the request is inflated Content-Encoding: gzip and the response is...

Eclipse Jetty 安全漏洞

Eclipse Jetty is an open-source Java-based web server and Java Servlet container developed by the Eclipse Foundation. Versions 12.0.0 to 12.0.31, as well as 12.1.0 to 12.1.5 of Eclipse Jetty, have security vulnerabilities. These vulnerabilities stem from the fact that the GzipHandler does not...

PT-2026-23445

Name of the Vulnerable Software and Affected Versions Eclipse Jetty versions 12.0.0 through 12.0.31 Eclipse Jetty versions 12.1.0 through 12.1.5 Description Eclipse Jetty’s GzipHandler class has an issue where a memory leak occurs when processing a compressed HTTP request Content-Encoding: gzip...