GHSA-p5rr-q5g6-gm42

Suggest an improvement
Source
https://github.com/advisories/GHSA-p5rr-q5g6-gm42
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/04/GHSA-p5rr-q5g6-gm42/GHSA-p5rr-q5g6-gm42.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-p5rr-q5g6-gm42
Aliases
  • CVE-2004-2381
Published
2022-04-29T03:01:19Z
Modified
2024-02-16T08:21:56.368500Z
Summary
Jetty HTTP Server Denial of Service vulnerability
Details

HttpRequest.java in Jetty HTTP Server before 4.2.19 allows remote attackers to cause denial of service (memory usage and application crash) via HTTP requests with a large Content-Length.

References

Affected packages

Maven / org.mortbay.jetty:jetty

Package

Name
org.mortbay.jetty:jetty
View open source insights on deps.dev
Purl
pkg:maven/org.mortbay.jetty/jetty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.2.19

Affected versions

4.*

4.1-rc1
4.1-rc6
4.2.2
4.2.3
4.2.9
4.2.10
4.2.12