2 matches found
PT-2021-7304 · Eclipse +2 · Eclipse Jetty +2
Name of the Vulnerable Software and Affected Versions: Eclipse Jetty versions 9.4.32 through 9.4.38 Eclipse Jetty versions 10.0.0.beta2 through 10.0.1 Eclipse Jetty versions 11.0.0.beta2 through 11.0.1 Description: The issue is related to the webapps directory in Eclipse Jetty being a symlink,...
UBUNTU-CVE-2018-12545
In Eclipse Jetty version 9.3.x and 9.4.x, the server is vulnerable to Denial of Service conditions if a remote client sends either large SETTINGs frames container containing many settings, or many small SETTINGs frames. The vulnerability is due to the additional CPU and memory allocations require...