Known vulnerabilities in Eclipse Jetty 9.3.4

Known vulnerabilities in Eclipse Jetty 9.3.4

Vendor: Eclipse

Website: https://eclipse.org

Total Security Bulletins: 14

Security bulletins (14)

Secuity bulletin	Severity	Status	Published
SB2025082101: HTTP/2 Made You Reset Attack in Jetty	Medium	Patched	21.08.2025
SB20241014112: Remote denial of service in Eclipse Jetty DosFilter	Medium	Patched	14.10.2024
SB20241014107: SSRF in Eclipse Jetty	Medium	Patched	14.10.2024
SB2024022652: Remote denial of service in Eclipse Jetty	Medium	Patched	26.02.2024
SB2024020926: Inconsistent interpretation of HTTP requests in IBM Cloud Pak for Data System	Medium	Patched	09.02.2024
SB2023101119: Rapid Reset Attack in Eclipse Jetty	High	Patched Exploited	11.10.2023
SB2023091440: Multiple vulnerabilities in Eclipse Jetty	Medium	Patched	14.09.2023
SB2023041842: Multiple vulnerabilities in Eclipse Jetty	Medium	Patched	18.04.2023
SB2022072723: Multiple vulnerabilities in Eclipse Jetty	Medium	Patched	27.07.2022
SB2021080801: Insufficient session expiration in Eclipse Jetty	Low	Patched	08.08.2021
SB2021060910: Information disclosure in Eclipse Jetty	Medium	Patched	09.06.2021
SB2021040179: Multiple vulnerabilities in Jetty	Medium	Patched Public exploit	01.04.2021
SB2020121307: Privilege escalation in Eclipse Jetty	Low	Patched	13.12.2020
SB2019032714: Input validation error in Eclipse Jetty	Medium	Patched	27.03.2019