Known Vulnerabilities for Jetty by Eclipse
Listed below are 10 of the newest known vulnerabilities associated with "Jetty" by "Eclipse".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-56139 json | Generation of Error Message Containing Sensitive Information vulnerability in Apache Camel Undertow Component. The camel-und... | Not Provided | 2026-07-06 | 2026-07-06 |
| CVE-2026-49877 json | Improper Authorization vulnerability in Apache ActiveMQ. An authenticated low-privilege Web Console user by default can acce... | Not Provided | 2026-06-30 | 2026-06-30 |
| CVE-2026-49365 json | Generation of Error Message Containing Sensitive Information vulnerability in Apache Camel Netty HTTP component. The camel-n... | Not Provided | 2026-07-06 | 2026-07-07 |
| CVE-2026-5795 json | In Eclipse Jetty, the class JASPIAuthenticator initiates the authentication checks, which set two ThreadLocal variable. Upo... | Not Provided | 2026-04-08 | 2026-07-02 |
| CVE-2026-2332 json | In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used, similar to the "funk... | Not Provided | 2026-04-14 | 2026-07-02 |
| CVE-2026-1605 json | In Eclipse Jetty, versions 12.0.0-12.0.31 and 12.1.0-12.0.5, class GzipHandler exposes a vulnerability when a compressed HTTP... | Not Provided | 2026-03-05 | 2026-06-30 |
| CVE-2023-44487 json | Not Provided | 2023-10-10 | 2026-05-12 | |
| CVE-2023-41900 json | Jetty is a Java based web server and servlet engine. Versions 9.4.21 through 9.4.51, 10.0.15, and 11.0.15 are vulnerable to w... | 4.3 - MEDIUM | 2023-09-15 | 2023-11-10 |
| CVE-2023-40167 json | Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts th... | 5.3 - MEDIUM | 2023-09-15 | 2023-10-13 |
| CVE-2023-36479 json | Eclipse Jetty Canonical Repository is the canonical repository for the Jetty project. Users of the CgiServlet with a very spe... | 4.3 - MEDIUM | 2023-09-15 | 2023-10-16 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Eclipse | Jetty | 9.4.9 | |||
| Application | Eclipse | Jetty | 9.4.9 | |||
| Application | Eclipse | Jetty | 9.4.8 | |||
| Application | Eclipse | Jetty | 9.4.8 | |||
| Application | Eclipse | Jetty | 9.4.8 | |||
| Application | Eclipse | Jetty | 9.4.7 | |||
| Application | Eclipse | Jetty | 9.4.7 | |||
| Application | Eclipse | Jetty | 9.4.7 | |||
| Application | Eclipse | Jetty | 9.4.7 | |||
| Application | Eclipse | Jetty | 9.4.6 | |||
| Application | Eclipse | Jetty | 9.4.6 | |||
| Application | Eclipse | Jetty | 9.4.6 | |||
| Application | Eclipse | Jetty | 9.4.5 | |||
| Application | Eclipse | Jetty | 9.4.5 | |||
| Application | Eclipse | Jetty | 9.4.5 | |||
| Application | Eclipse | Jetty | 9.4.4 | |||
| Application | Eclipse | Jetty | 9.4.4 | |||
| Application | Eclipse | Jetty | 9.4.4 | |||
| Application | Eclipse | Jetty | 9.4.4 | |||
| Application | Eclipse | Jetty | 9.4.35 |