Lucene search
K

116 matches found

Vulnrichment
Vulnrichment
added 2024/11/07 10:1 a.m.22 views

CVE-2023-1973 Undertow: unrestricted request storage leads to memory exhaustion

A flaw was found in Undertow package. Using the FormAuthenticationMechanism, a malicious user could trigger a Denial of Service by sending crafted requests, leading the server to an OutofMemory error, exhausting the server's memory...

7.5CVSS6.4AI score0.01292EPSS
Exploits0References8
OSV
OSV
added 2024/10/31 8:37 p.m.13 views

GHSA-CPH5-3PGR-C82G Gnark out-of-memory during deserialization with crafted inputs

Thanks @pventuzelo for reporting. From the correspondence: Hi, We Fuzzinglabs & Lambdaclass found that during deserialization of certain files representing a VerifyingKey, an excessive memory allocation is happening consuming a lot of resources and even triggering a crash with the error fatal...

6.8CVSS6.4AI score0.00324EPSS
Exploits1References6
Veracode
Veracode
added 2024/10/24 12:14 p.m.12 views

Denial Of Service (DoS)

org.eclipse.jetty, jetty-servlets is vulnerable to Denial Of Service DoS. The vulnerability is due to the exploitation of Jetty's DosFilter, which allows attackers to send crafted requests that trigger OutOfMemory errors...

7.5CVSS5.2AI score0.00946EPSS
Exploits0References7Affected Software5
Veracode
Veracode
added 2024/10/22 5:42 a.m.10 views

Remote Denial Of Service (DoS)

org.eclipse.jetty, jetty-server is vulnerable to a Remote Denial-of-Service DoS. The vulnerability is due to the ThreadLimitHandler.getRemote method, which allows unauthorized users to send crafted requests that trigger OutOfMemory errors and exhaust the server's memory...

6.5CVSS6.3AI score0.01037EPSS
Exploits0References5Affected Software2
OpenVAS
OpenVAS
added 2024/10/22 12:0 a.m.17 views

Eclipse Jetty DoS Vulnerability (GHSA-7hcf-ppf8-5w5h) - Linux

Eclipse Jetty is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:eclipse:jetty";...

7.5CVSS6.2AI score0.00946EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/10/22 12:0 a.m.15 views

Eclipse Jetty DoS Vulnerability (GHSA-7hcf-ppf8-5w5h) - Windows

Eclipse Jetty is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:eclipse:jetty";...

7.5CVSS6.2AI score0.00946EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2024/10/14 4:55 p.m.16 views

CVE-2024-8184

A flaw was found in Jetty's ThreadLimitHandler.getRemote. This flaw allows unauthorized users to cause remote denial of service DoS attacks. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory. Mitigation Mitigation for this issue is...

6.5CVSS5.5AI score0.01037EPSS
Exploits0References6
NVD
NVD
added 2024/10/14 4:15 p.m.22 views

CVE-2024-8184

There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote which can be exploited by unauthorized users to cause remote denial-of-service DoS attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory...

6.5CVSS0.01037EPSS
Exploits0References4
NVD
NVD
added 2024/10/14 3:15 p.m.19 views

CVE-2024-9823

There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service DoS attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory...

7.5CVSS0.00946EPSS
Exploits0References5
OSV
OSV
added 2024/10/14 3:15 p.m.8 views

UBUNTU-CVE-2024-9823

There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service DoS attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory...

7.5CVSS7.2AI score0.00946EPSS
Exploits0References5
OSV
OSV
added 2024/10/14 3:9 p.m.12 views

CVE-2024-8184 Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks

There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote which can be exploited by unauthorized users to cause remote denial-of-service DoS attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory...

5.9CVSS7.1AI score0.01037EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/10/14 3:9 p.m.12 views

CVE-2024-8184 Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks

There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote which can be exploited by unauthorized users to cause remote denial-of-service DoS attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory...

5.9CVSS7.1AI score0.01037EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/10/14 3:9 p.m.19 views

CVE-2024-8184 Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks

There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote which can be exploited by unauthorized users to cause remote denial-of-service DoS attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory...

5.9CVSS0.01037EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2024/10/14 3:9 p.m.10 views

CVE-2024-8184

There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote which can be exploited by unauthorized users to cause remote denial-of-service DoS attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory...

6.5CVSS6.9AI score0.01037EPSS
Exploits0
OSV
OSV
added 2024/10/14 3:3 p.m.14 views

CVE-2024-9823 Jetty DOS vulnerability on DosFilter

There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service DoS attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory...

5.3CVSS6.5AI score0.00946EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2024/10/14 3:3 p.m.17 views

CVE-2024-9823 Jetty DOS vulnerability on DosFilter

There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service DoS attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory...

5.3CVSS7.2AI score0.00946EPSS
Exploits0References3
CVE
CVE
added 2024/10/14 3:3 p.m.326 views

CVE-2024-9823

CVE-2024-9823 involves Jetty's DosFilter. The provided documents confirm a remote DoS via crafted requests that trigger OutOfMemory and exhaust server memory, as described under the Jetty DosFilter entry (CWE-400: Uncontrolled Resource Consumption). No specific remediation or affected versions ar...

7.5CVSS5.3AI score0.00946EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2024/10/14 3:3 p.m.40 views

CVE-2024-9823 Jetty DOS vulnerability on DosFilter

There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service DoS attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory...

5.3CVSS0.00946EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2024/10/14 3:3 p.m.11 views

CVE-2024-9823

There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service DoS attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory...

7.5CVSS6.4AI score0.00946EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/10/14 12:0 a.m.4 views

PT-2024-9612 · Eclipse +2 · Eclipse Jetty +2

Name of the Vulnerable Software and Affected Versions: Eclipse Jetty versions prior to 9.4.54 Eclipse Jetty versions prior to 10.0.18 Eclipse Jetty versions prior to 11.0.18 Eclipse Jetty versions prior to 12.0.3 Description: The vulnerability in Jetty's DosFilter can be exploited by unauthorized...

7.5CVSS5.9AI score0.01037EPSS
Exploits0References38
Rows per page
Query Builder