FLAT-AWXRI (CVE-2026-40939)
Insecure session management In dev.dsf:dsf-common-jetty
3.7
Low
Ecosystem: Maven
Package: dev.dsf:dsf-common-jetty
FLAT-WA4VQ (CVE-2026-2332)
HTTP request smuggling In org.eclipse.jetty:jetty-http
8.9
High
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-http
FLAT-RG0QR (CVE-2026-5795)
Insecure encryption algorithm In org.eclipse.jetty.ee11:jetty-ee11-jaspi
8.1
High
Ecosystem: Maven
Package: org.eclipse.jetty.ee11:jetty-ee11-jaspi
FLAT-B0DE9 (GHSA-gc59-r5jq-98qw)
Insecure encryption algorithm In org.eclipse.jetty.ee10:jetty-ee10
8.1
High
Ecosystem: Maven
Package: org.eclipse.jetty.ee10:jetty-ee10
FLAT-I3CAC (CVE-2025-11143)
Lack of data validation In org.eclipse.jetty:jetty-http
2.7
Low
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-http
FLAT-WEFY7 (CVE-2026-1605)
Improper resource allocation In org.eclipse.jetty:jetty-server
6.3
Medium
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-server
FLAT-0LT1N (CVE-2025-55749)
Improper authorization control for web services In org.xwiki.platform:xwiki-platform-tool-jetty-resources
6.6
Medium
Ecosystem: Maven
Package: org.xwiki.platform:xwiki-platform-tool-jetty-resources
FLAT-V2PUT (DSA-6006-1)
Use of software with malware In jetty12
5.2
Medium
Ecosystem: Debian
Package: jetty12
FLAT-9M1AO (DSA-6005-1)
Use of software with malware In jetty9
5.2
Medium
Ecosystem: Debian
Package: jetty9
FLAT-VM4BE (DLA-4299-1)
Use of software with malware In jetty9
5.2
Medium
Ecosystem: Debian
Package: jetty9
FLAT-BQTD1 (CVE-2025-5115)
Asymmetric denial of service In org.eclipse.jetty.http2:jetty-http2-common
4.4
Medium
Ecosystem: Maven
Package: org.eclipse.jetty.http2:jetty-http2-common
FLAT-1QZUK (MAL-2025-35576)
Use of software with malware In test-mlw2-jetty-trove
5.2
Medium
Ecosystem: Npm
Package: test-mlw2-jetty-trove
FLAT-RDWIP (MAL-2025-23753)
Use of software with malware In jetty-shack-fmik
5.2
Medium
Ecosystem: Npm
Package: jetty-shack-fmik
FLAT-R7PDE (MAL-2025-36966)
Use of software with malware In titan-jetty-osi5
5.2
Medium
Ecosystem: Npm
Package: titan-jetty-osi5
FLAT-Y8OMN (MAL-2025-23752)
Use of software with malware In jetty-ocean-vznq
5.2
Medium
Ecosystem: Npm
Package: jetty-ocean-vznq
FLAT-RW61O (MAL-2025-26545)
Use of software with malware In moat-jetty-611n
5.2
Medium
Ecosystem: Npm
Package: moat-jetty-611n
FLAT-LAMV8 (MAL-2025-35580)
Use of software with malware In test-mlw2-jingo-jetty
5.2
Medium
Ecosystem: Npm
Package: test-mlw2-jingo-jetty
FLAT-E8YZQ (MAL-2025-18565)
Use of software with malware In dock-jetty-gjfr
5.2
Medium
Ecosystem: Npm
Package: dock-jetty-gjfr
FLAT-EXI96 (MAL-2025-28057)
Use of software with malware In observatory-jetty-e0m4
5.2
Medium
Ecosystem: Npm
Package: observatory-jetty-e0m4
FLAT-EXYHQ (MAL-2025-23754)
Use of software with malware In jetty-xigua-p5wn
5.2
Medium
Ecosystem: Npm
Package: jetty-xigua-p5wn
FLAT-VTTHR (MAL-2025-23749)
Use of software with malware In jetty-blackhole-fpot
5.2
Medium
Ecosystem: Npm
Package: jetty-blackhole-fpot
FLAT-FHQHK (MAL-2025-23751)
Use of software with malware In jetty-lettuce-q489
5.2
Medium
Ecosystem: Npm
Package: jetty-lettuce-q489
FLAT-L28RT (MAL-2025-23750)
Use of software with malware In jetty-carrot-tdb4
5.2
Medium
Ecosystem: Npm
Package: jetty-carrot-tdb4
FLAT-VIKFW (MAL-2025-24171)
Use of software with malware In kale-jetty-sz12
5.2
Medium
Ecosystem: Npm
Package: kale-jetty-sz12
FLAT-JWAF1 (MAL-2025-28460)
Use of software with malware In orbit-jetty-8bzr
5.2
Medium
Ecosystem: Npm
Package: orbit-jetty-8bzr
FLAT-FPWDQ (CVE-2025-1948)
Improper resource allocation In org.eclipse.jetty.http2:jetty-http2-common
6.6
Medium
Ecosystem: Maven
Package: org.eclipse.jetty.http2:jetty-http2-common
FLAT-18PUT (CVE-2024-13009)
Improper control of interaction frequency In org.eclipse.jetty:jetty-server
2.7
Low
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-server
FLAT-ATBES (MAL-2025-3630)
Use of software with malware In jetty-quic
5.2
Medium
Ecosystem: Npm
Package: jetty-quic
FLAT-ZY767 (DLA-4106-2)
Lack of data validation In jetty9
1.3
Low
Ecosystem: Debian
Package: jetty9
FLAT-CGHIJ (DSA-5894-1)
Improper authorization control for web services In jetty9
2.7
Low
Ecosystem: Debian
Package: jetty9
FLAT-PBJNB (DLA-4106-1)
Improper authorization control for web services In jetty9
2.7
Low
Ecosystem: Debian
Package: jetty9
FLAT-3KZGT (CVE-2024-6763)
Lack of data validation - Path Traversal In org.eclipse.jetty:jetty-http
1.7
Low
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-http
FLAT-M4XKV (CVE-2024-8184)
Improper resource allocation In org.eclipse.jetty:jetty-server
4.6
Medium
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-server
FLAT-N1W80 (CVE-2024-6762)
Improper resource allocation In org.eclipse.jetty:jetty-servlets
0.6
Low
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-servlets
FLAT-57G1F (CVE-2024-9823)
Asymmetric denial of service In org.eclipse.jetty.ee9:jetty-ee9-servlets
2.7
Low
Ecosystem: Maven
Package: org.eclipse.jetty.ee9:jetty-ee9-servlets
FLAT-T54KH (DSA-5664-1)
Improper authorization control for web services In jetty9
2.7
Low
Ecosystem: Debian
Package: jetty9
FLAT-5O1HC (DLA-3780-1)
Improper authorization control for web services In jetty9
2.7
Low
Ecosystem: Debian
Package: jetty9
FLAT-TD1W5 (CVE-2024-22201)
Improper resource allocation In org.eclipse.jetty.http2:jetty-http2-common
6.6
Medium
Ecosystem: Maven
Package: org.eclipse.jetty.http2:jetty-http2-common
FLAT-RJCKL (DLA-3647-1)
Lack of data validation - Path Traversal In trapperkeeper-webserver-jetty9-clojure
2.7
Low
Ecosystem: Debian
Package: trapperkeeper-webserver-jetty9-clojure
FLAT-IF8PU (DLA-3641-1)
Improper authorization control for web services In jetty9
2.7
Low
Ecosystem: Debian
Package: jetty9
FLAT-LJGZ7 (DSA-5540-1)
Improper authorization control for web services In jetty9
2.7
Low
Ecosystem: Debian
Package: jetty9
FLAT-7XW1I (CVE-2023-36478)
Out-of-bounds read In org.eclipse.jetty.http3:http3-qpack
6.6
Medium
Ecosystem: Maven
Package: org.eclipse.jetty.http3:http3-qpack
FLAT-55KSJ (DLA-3592-1)
Improper authorization control for web services In jetty9
2.7
Low
Ecosystem: Debian
Package: jetty9
FLAT-SLQ2K (DSA-5507-1)
Improper authorization control for web services In jetty9
2.7
Low
Ecosystem: Debian
Package: jetty9
FLAT-TXJHJ (CVE-2023-41900)
Authentication mechanism absence or evasion In jetty9
1.3
Low
Ecosystem: Debian
Package: jetty9
FLAT-FM16D (CVE-2023-40167)
Insecure encryption algorithm In jetty9
1.3
Low
Ecosystem: Debian
Package: jetty9
FLAT-XDDHB (CVE-2023-36479)
Lack of data validation In jetty9
0.6
Low
Ecosystem: Debian
Package: jetty9
FLAT-Z5EUW (GHSA-58qw-p7qm-5rvh)
XML injection (XXE) In org.eclipse.jetty:jetty-xml
0.2
Low
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-xml
FLAT-NHK5A (CVE-2023-26048)
Improper resource allocation In org.eclipse.jetty:jetty-server
2.7
Low
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-server
FLAT-Y872T (CVE-2023-26049)
Sensitive information sent insecurely In org.eclipse.jetty:jetty-server
2.7
Low
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-server
FLAT-NN36Z (DLA-3079-1)
Improper authorization control for web services In jetty9
2.7
Low
Ecosystem: Debian
Package: jetty9
FLAT-2EE2E (DSA-5198-1)
Improper authorization control for web services In jetty9
2.7
Low
Ecosystem: Debian
Package: jetty9
FLAT-KER57 (CVE-2022-2047)
Lack of data validation In jetty9
1.2
Low
Ecosystem: Debian
Package: jetty9
FLAT-U6YVR (CVE-2022-2048)
Improper resource allocation In jetty9
6.6
Medium
Ecosystem: Debian
Package: jetty9
FLAT-U1KH9 (CVE-2022-2191)
Improper control of interaction frequency In org.eclipse.jetty:jetty-server
6.6
Medium
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-server
FLAT-FQBZI (CVE-2011-4461)
Lack of data validation In org.eclipse.jetty:jetty-server
2.7
Low
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-server
FLAT-A479J (CVE-2009-4611)
Lack of data validation In org.mortbay.jetty:jetty
2.7
Low
Ecosystem: Maven
Package: org.mortbay.jetty:jetty
FLAT-50IMH (CVE-2009-1523)
Lack of data validation - Path Traversal In org.mortbay.jetty:jetty
1.3
Low
Ecosystem: Maven
Package: org.mortbay.jetty:jetty
FLAT-XNY5S (CVE-2007-6672)
Lack of data validation - Path Traversal In org.mortbay.jetty:jetty
2.7
Low
Ecosystem: Maven
Package: org.mortbay.jetty:jetty
FLAT-6AJI9 (CVE-2007-5615)
Server side template injection In org.mortbay.jetty:jetty
2.7
Low
Ecosystem: Maven
Package: org.mortbay.jetty:jetty
FLAT-Z6WUL (CVE-2007-5614)
Improper authorization control for web services In org.mortbay.jetty:jetty
2.7
Low
Ecosystem: Maven
Package: org.mortbay.jetty:jetty
FLAT-5SJ8W (CVE-2007-5613)
Reflected cross-site scripting (XSS) In org.mortbay.jetty:jetty
2.7
Low
Ecosystem: Maven
Package: org.mortbay.jetty:jetty
FLAT-OBF63 (CVE-2006-6969)
Insecure generation of random numbers In org.eclipse.jetty:jetty-server
0.6
Low
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-server
FLAT-CLX43 (CVE-2006-2759)
Lack of data validation In org.mortbay.jetty:jetty
2.7
Low
Ecosystem: Maven
Package: org.mortbay.jetty:jetty
FLAT-7PHJX (CVE-2006-2758)
Lack of data validation - Path Traversal In org.mortbay.jetty:jetty
2.7
Low
Ecosystem: Maven
Package: org.mortbay.jetty:jetty
FLAT-XC42Q (CVE-2005-3747)
Enabled default configuration In org.mortbay.jetty:jetty
2.7
Low
Ecosystem: Maven
Package: org.mortbay.jetty:jetty
FLAT-1PO9J (CVE-2002-1533)
Lack of data validation - Path Traversal In org.mortbay.jetty:jetty
2.7
Low
Ecosystem: Maven
Package: org.mortbay.jetty:jetty
FLAT-X7BU6 (CVE-2004-2381)
Asymmetric denial of service In org.mortbay.jetty:jetty
6.6
Medium
Ecosystem: Maven
Package: org.mortbay.jetty:jetty
FLAT-A724C (DSA-4949-1)
Improper authorization control for web services In jetty9
2.7
Low
Ecosystem: Debian
Package: jetty9
FLAT-Z7GVN (CVE-2021-34429)
Authentication mechanism absence or evasion In org.eclipse.jetty:jetty-webapp
2.7
Low
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-webapp
FLAT-MXD6O (CVE-2021-34428)
Insecure session management In org.eclipse.jetty:jetty-server
0.4
Low
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-server
FLAT-PZIZ9 (DLA-2688-1)
Improper authorization control for web services In jetty9
2.7
Low
Ecosystem: Debian
Package: jetty9
FLAT-IIGET (CVE-2021-28169)
Enabled default configuration In org.eclipse.jetty:jetty-servlets
2.7
Low
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-servlets
FLAT-74LV3 (DLA-2661-1)
Improper authorization control for web services In jetty9
2.7
Low
Ecosystem: Debian
Package: jetty9
FLAT-OUAIU (CVE-2021-28163)
Enabled default configuration In org.eclipse.jetty:jetty-deploy
1.2
Low
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-deploy
FLAT-0SRKL (CVE-2021-28165)
Improper resource allocation In org.eclipse.jetty:jetty-server
6.6
Medium
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-server
FLAT-QNU90 (CVE-2021-28164)
Authentication mechanism absence or evasion In org.eclipse.jetty:jetty-webapp
2.7
Low
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-webapp
FLAT-00D3S (CVE-2020-27223)
Asymmetric denial of service In org.eclipse.jetty:jetty-server
2.7
Low
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-server
FLAT-341NA (CVE-2020-27218)
Insecure encryption algorithm In org.eclipse.jetty:jetty-server
1.7
Low
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-server
FLAT-KT9I7 (CVE-2020-27216)
Insecure temporary files In org.mortbay.jetty:jetty-webapp
4.4
Medium
Ecosystem: Maven
Package: org.mortbay.jetty:jetty-webapp
FLAT-MGYCL (CVE-2019-17638)
Improper resource allocation In org.eclipse.jetty:jetty-server
8.0
High
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-server
FLAT-TKYOQ (CVE-2019-17632)
Reflected cross-site scripting (XSS) In org.eclipse.jetty:jetty-server
1.2
Low
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-server
FLAT-9GYXH (CVE-2019-10246)
Sensitive information sent insecurely In org.eclipse.jetty:jetty-server
1.7
Low
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-server
FLAT-V40VK (CVE-2019-10247)
Sensitive information sent insecurely In org.eclipse.jetty:jetty-server
2.7
Low
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-server
FLAT-QQD2X (CVE-2019-10241)
Reflected cross-site scripting (XSS) In org.eclipse.jetty:jetty-server
1.3
Low
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-server
FLAT-GRIIZ (CVE-2018-12545)
Improper resource allocation In org.eclipse.jetty:jetty-server
6.6
Medium
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-server
FLAT-LBSO6 (CVE-2015-2080)
Sensitive information sent insecurely In org.eclipse.jetty:jetty-server
4.9
Medium
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-server
FLAT-C9KMX (CVE-2017-7658)
HTTP request smuggling In org.eclipse.jetty:jetty-server
8.1
High
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-server
FLAT-DA3BG (CVE-2017-7656)
HTTP request smuggling In org.eclipse.jetty:jetty-server
6.6
Medium
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-server
FLAT-BZNQE (CVE-2016-4800)
Improper authorization control for web services In org.eclipse.jetty:jetty-server
8.1
High
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-server
FLAT-Q69PM (CVE-2018-12536)
Technical information leak In org.eclipse.jetty:jetty-server
2.7
Low
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-server
FLAT-RR3FC (CVE-2017-9735)
Sensitive information sent insecurely In org.eclipse.jetty:jetty-server
6.6
Medium
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-server
FLAT-966W1 (CVE-2017-7657)
HTTP request smuggling In org.eclipse.jetty:jetty-server
8.1
High
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-server
FLAT-3D3FZ (CVE-2017-7661)
Cross-site request forgery In org.apache.cxf.fediz:fediz-jetty9
1.3
Low
Ecosystem: Maven
Package: org.apache.cxf.fediz:fediz-jetty9
FLAT-OBVUD (CVE-2018-12538)
Concurrent sessions In org.eclipse.jetty:jetty-server
6.3
Medium
Ecosystem: Maven
Package: org.eclipse.jetty:jetty-server
FLAT-MO2BV (DSA-4278-1)
Improper authorization control for web services In jetty9
2.7
Low
Ecosystem: Debian
Package: jetty9
FLAT-EZTPD (DLA-1020-1)
Improper authorization control for web services In jetty
2.7
Low
Ecosystem: Debian
Package: jetty
FLAT-2ZQ5H (DLA-1021-1)
Improper authorization control for web services In jetty8
2.7
Low
Ecosystem: Debian
Package: jetty8