Lucene search
Veracode Vulnerability DatabaseVERACODE:36301HistoryJul 08, 2022 - 7:05 a.m.
Denial Of Service (DoS)
2022-07-0807:05:36
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
0.001 Low
EPSS
Percentile
48.0%
Jetty-IO is vulnerable to denial of service. The vulnerability exists because the buffer utilization of SslConnection is not properly handled which allows an attacker to cause a memory leak leading to an application crash.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jetty core :: io utility | le | 10.0.9 | |
| jetty core :: io utility | le | 11.0.9 | |
| core :: io | le | 10.0.9 | |
| core :: io | le | 11.0.9 |
Related
ubuntucve
ubuntucve
CVE-2022-2191
2022-07-07 00:00:00
osv
osv
CVE-2022-2191
2022-07-07 21:15:10
Jetty SslConnection does not release pooled ByteBuffers in case of errors
2022-07-07 20:55:37
prion
prion
Code injection
2022-07-07 21:15:00
cve
cve
CVE-2022-2191
2022-07-07 21:15:10
debiancve
debiancve
CVE-2022-2191
2022-07-07 21:15:10
github
github
Jetty SslConnection does not release pooled ByteBuffers in case of errors
2022-07-07 20:55:37
openvas
openvas
Eclipse Jetty DoS Vulnerability (GHSA-8mpp-f3f7-xc28) - Linux
2022-07-08 00:00:00
Eclipse Jetty DoS Vulnerability (GHSA-8mpp-f3f7-xc28) - Windows
2022-07-08 00:00:00
cvelist
cvelist
CVE-2022-2191
2022-07-07 20:45:16
nvd
nvd
CVE-2022-2191
2022-07-07 21:15:10
redhatcve
redhatcve
CVE-2022-2191
2022-08-09 15:37:00
redhat
redhat
oracle
oracle
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00