116 matches found
CVE-2023-1973 Undertow: unrestricted request storage leads to memory exhaustion
A flaw was found in Undertow package. Using the FormAuthenticationMechanism, a malicious user could trigger a Denial of Service by sending crafted requests, leading the server to an OutofMemory error, exhausting the server's memory...
GHSA-CPH5-3PGR-C82G Gnark out-of-memory during deserialization with crafted inputs
Thanks @pventuzelo for reporting. From the correspondence: Hi, We Fuzzinglabs & Lambdaclass found that during deserialization of certain files representing a VerifyingKey, an excessive memory allocation is happening consuming a lot of resources and even triggering a crash with the error fatal...
Denial Of Service (DoS)
org.eclipse.jetty, jetty-servlets is vulnerable to Denial Of Service DoS. The vulnerability is due to the exploitation of Jetty's DosFilter, which allows attackers to send crafted requests that trigger OutOfMemory errors...
Remote Denial Of Service (DoS)
org.eclipse.jetty, jetty-server is vulnerable to a Remote Denial-of-Service DoS. The vulnerability is due to the ThreadLimitHandler.getRemote method, which allows unauthorized users to send crafted requests that trigger OutOfMemory errors and exhaust the server's memory...
Eclipse Jetty DoS Vulnerability (GHSA-7hcf-ppf8-5w5h) - Linux
Eclipse Jetty is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:eclipse:jetty";...
Eclipse Jetty DoS Vulnerability (GHSA-7hcf-ppf8-5w5h) - Windows
Eclipse Jetty is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:eclipse:jetty";...
CVE-2024-8184
A flaw was found in Jetty's ThreadLimitHandler.getRemote. This flaw allows unauthorized users to cause remote denial of service DoS attacks. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory. Mitigation Mitigation for this issue is...
CVE-2024-8184
There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote which can be exploited by unauthorized users to cause remote denial-of-service DoS attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory...
CVE-2024-9823
There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service DoS attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory...
UBUNTU-CVE-2024-9823
There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service DoS attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory...
CVE-2024-8184 Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks
There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote which can be exploited by unauthorized users to cause remote denial-of-service DoS attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory...
CVE-2024-8184 Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks
There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote which can be exploited by unauthorized users to cause remote denial-of-service DoS attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory...
CVE-2024-8184 Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks
There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote which can be exploited by unauthorized users to cause remote denial-of-service DoS attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory...
CVE-2024-8184
There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote which can be exploited by unauthorized users to cause remote denial-of-service DoS attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory...
CVE-2024-9823 Jetty DOS vulnerability on DosFilter
There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service DoS attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory...
CVE-2024-9823 Jetty DOS vulnerability on DosFilter
There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service DoS attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory...
CVE-2024-9823
CVE-2024-9823 involves Jetty's DosFilter. The provided documents confirm a remote DoS via crafted requests that trigger OutOfMemory and exhaust server memory, as described under the Jetty DosFilter entry (CWE-400: Uncontrolled Resource Consumption). No specific remediation or affected versions ar...
CVE-2024-9823 Jetty DOS vulnerability on DosFilter
There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service DoS attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory...
CVE-2024-9823
There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service DoS attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory...
PT-2024-9612 · Eclipse +2 · Eclipse Jetty +2
Name of the Vulnerable Software and Affected Versions: Eclipse Jetty versions prior to 9.4.54 Eclipse Jetty versions prior to 10.0.18 Eclipse Jetty versions prior to 11.0.18 Eclipse Jetty versions prior to 12.0.3 Description: The vulnerability in Jetty's DosFilter can be exploited by unauthorized...