Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2024/10/14 4:55 p.m.12 views

CVE-2024-9823

A flaw was found in Jetty. The DosFilter can be exploited remotely by unauthorized users to trigger an out-of-memory condition by repeatedly sending specially crafted requests. This issue may cause a crash, leading to a denial of service. Mitigation Mitigation for this issue is either not availab...

5.3CVSS6.5AI score0.00946EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/05/23 10:45 p.m.2 views

jetty: Improper validation of HTTP/1 content-length

A flaw was found in Jetty that permits a plus sign + preceding the content-length value in a HTTP/1 header field, which is non-standard and more permissive than RFC. This issue could allow an attacker to request smuggling in conjunction with a server that does not close connections after 400...

5.3CVSS7.1AI score0.01069EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/02/13 2:45 p.m.4 views

jetty: Improper validation of HTTP/1 content-length

A flaw was found in Jetty that permits a plus sign + preceding the content-length value in a HTTP/1 header field, which is non-standard and more permissive than RFC. This issue could allow an attacker to request smuggling in conjunction with a server that does not close connections after 400...

5.3CVSS7.1AI score0.01069EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/11/15 5:7 p.m.7 views

jetty: Improper validation of HTTP/1 content-length

A flaw was found in Jetty that permits a plus sign + preceding the content-length value in a HTTP/1 header field, which is non-standard and more permissive than RFC. This issue could allow an attacker to request smuggling in conjunction with a server that does not close connections after 400...

5.3CVSS7.1AI score0.01069EPSS
Exploits0References6
Rows per page
Query Builder