jetty-minimal (SUSE:Linux Enterprise Module for Development Tools 15 SP5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Development Tools 15 SP5 package jetty-minimal, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVE-2023-36478 — CVSS 7.5 (high): Eclipse Jetty provides a web server and servlet container. In versions 11.0.0 through 11.0.15, 10.0.0 through 10.0.15, and 9.0.0 through…
CVE-2024-22201 — CVSS 7.5 (high): Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it…
CVE-2024-8184 — CVSS 5.9 (medium): There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause…
CVE-2023-40167 — CVSS 5.3 (medium): Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts the `+`…
CVE-2023-26048 — CVSS 5.3 (medium): Jetty is a java based web server and servlet engine. In affected versions servlets with multipart support (e.g. annotated with…
CVE-2023-41900 — CVSS 3.5 (low): Jetty is a Java based web server and servlet engine. Versions 9.4.21 through 9.4.51, 10.0.15, and 11.0.15 are vulnerable to weak…
CVE-2023-36479 — CVSS 3.5 (low): Eclipse Jetty Canonical Repository is the canonical repository for the Jetty project. Users of the CgiServlet with a very specific command…
CVE-2023-26049 — CVSS 2.4 (low): Jetty is a java based web server and servlet engine. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within…