2 matches found
GHSA-VGG8-72F2-QM23 Critical severity vulnerability that affects org.eclipse.jetty:jetty-server
In Eclipse Jetty, versions 9.2.x and older, 9.3.x, transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined...
Eclipse Jetty Integer Overflow Vulnerability
Eclipse Jetty is the Eclipse Foundation of an open source , Java-based Web server and Java Servlet container . An integer overflow vulnerability in the parsing of block lengths in Eclipse Jetty versions 9.2.x and earlier, 9.3.x, and 9.4.x stems from the program's failure to properly handle...