Package impact
Maven / org.eclipse.jetty.http2:jetty-http2-common
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-44487 | high | 7.5 | 10.0 | 3y ago | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | |||
| CVE-2025-5115 | unknown | — | — | 10mo ago | Eclipse Jetty affected by MadeYouReset HTTP/2 vulnerability | |||
| CVE-2025-1948 | unknown | — | — | 1y ago | Eclipse Jetty HTTP/2 client can force the server to allocate a humongous byte buffer that may lead to OoM and subsequently the JVM to exit | |||
| CVE-2024-22201 | unknown | — | — | 2y ago | Connection leaking on idle timeout when TCP congested |