9 matches found
micrometer-core: micrometer-jetty11: micrometer-jetty12: Micrometer: Denial of Service via specially crafted HTTP requests
A flaw was found in Micrometer. A remote attacker can provide specially crafted HTTP requests, which may lead to a denial-of-service DoS condition. This vulnerability allows an attacker to disrupt the availability of the affected system...
EUVD-2026-35320
In Micrometer, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Affected versions: micrometer-core 1.16.0 through 1.16.5; 1.15.0 through 1.15.11; 1.14.0 through 1.14.15; 1.13.0 through 1.13.18; 1.9.0 through 1.9.17...
CVE-2026-40984
CVE-2026-40984 details (from provided sources): Affects Micrometer HTTP server instrumentations across micrometer-core and micrometer-jetty variants (various versions listed in the initial entry). The vulnerability is a DoS triggered by specially crafted HTTP requests. The CVSS v3.1 base score is...
PT-2026-47643
Name of the Vulnerable Software and Affected Versions micrometer-core versions 1.16.0 through 1.16.5 micrometer-core versions 1.15.0 through 1.15.11 micrometer-core versions 1.14.0 through 1.14.15 micrometer-core versions 1.13.0 through 1.13.18 micrometer-core versions 1.9.0 through 1.9.17...
Allocation of Resources Without Limits or Throttling
Overview io.micrometer:micrometer-jetty12 is a Micrometer instrumentation for Jetty 12 Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via HTTP server metrics instrumentation in Micrometer. An attacker can cause denial of service by sending...
[SECURITY] [DSA 6006-1] jetty12 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6006-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 19, 2025 https://www.debian.org/security/faq -...
DSA-6006-1 jetty12 - security update
Bulletin has no description...
Debian dsa-6006 : jetty12 - security update
The remote Debian 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6006 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6006-1 [email protected] https://www.debian.org/security/ Moritz...
com.google.appengine:jetty12-assembly (>=2.0.20 <=3.0.1), org.eclipse.jetty.ee9.demos:jetty-ee9-demo-embedded (>=12.0.0 <=12.0.29) +5 more potentially affected by CVE-2024-9823 via org.eclipse.jetty.ee9:jetty-ee9-servlets (>=12.0.0 <=12.0.29)
org.eclipse.jetty.ee9:jetty-ee9-servlets MAVEN version =12.0.0, =2.0.20, =12.0.0, =12.0.0, =12.0.0, =12.0.0, =12.0.12, =12.0.29 Source cves: CVE-2024-9823 Source advisory: OSV:GHSA-J26W-F9RQ-MR2Q...