-
Notifications
You must be signed in to change notification settings - Fork 1.9k
Security: jetty/jetty.project
Security Navigation
Security Advisories
View information about security vulnerabilities from this repository's maintainers.
-
Invalid HTTP/2 requests can lead to denial of serviceGHSA-wgmr-mf83-7x4j published
Jul 7, 2022 by waynebeatonHigh -
Encoded URIs can access WEB-INFGHSA-vjv5-gp2w-65vm published
Jul 15, 2021 by waynebeatonModerate -
SessionListener can prevent a session from being invalidated breaking logoutGHSA-m6cp-vxjx-65j6 published
Jun 22, 2021 by waynebeatonLow -
Jetty Utility Servlets ConcatServlet Double Decoding Information Disclosure VulnerabilityGHSA-gwcr-j4wh-j3cq published
Jun 9, 2021 by waynebeatonModerate -
Ambiguous paths can access WEB-INFGHSA-v7ff-8wcx-gmc5 published
Apr 1, 2021 by waynebeatonModerate -
CPU 100% receiving an invalid large TLS frameGHSA-26vr-8j45-3r4w published
Apr 1, 2021 by waynebeatonHigh -
Symlink Directory Exposes Webapp Directory ContentsGHSA-j6qj-j888-vvgq published
Apr 1, 2021 by waynebeatonLow -
DOS vulnerability for Quoted Quality CSV headersGHSA-m394-8rww-3jr7 published
Feb 26, 2021 by waynebeatonModerate -
Buffer not correctly recycled in Gzip Request inflationGHSA-86wm-rrjm-8wh8 published
Nov 28, 2020 by waynebeatonModerate -
Local Temp Directory Hijacking VulnerabilityGHSA-g3wg-6mcf-8jj6 published
Oct 23, 2020 by waynebeatonHigh