Jetty PushSessionCacheFilter can be exploited by unauthenticated users
to launch remote DoS attacks by exhausting the server’s memory.
Metrics
Affected Vendors & Products
References
History
Fri, 08 Nov 2024 21:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Eclipse
Eclipse jetty |
|
Weaknesses | CWE-770 | |
CPEs | cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:* | |
Vendors & Products |
Eclipse
Eclipse jetty |
Tue, 15 Oct 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 15 Oct 2024 01:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
threat_severity
|
Mon, 14 Oct 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Jetty PushSessionCacheFilter can be exploited by unauthenticated users to launch remote DoS attacks by exhausting the server’s memory. | |
Title | Jetty PushSessionCacheFilter can cause remote DoS attacks | |
Weaknesses | CWE-400 | |
References |
|
|
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: eclipse
Published: 2024-10-14T15:07:10.942Z
Updated: 2024-10-15T17:42:50.434Z
Reserved: 2024-07-15T17:35:50.791Z
Link: CVE-2024-6762
Vulnrichment
Updated: 2024-10-15T17:42:46.395Z
NVD
Status : Analyzed
Published: 2024-10-14T16:15:03.930
Modified: 2024-11-08T21:29:51.237
Link: CVE-2024-6762
Redhat