🔐 CVE-2024-8184: org.eclipse.jetty:jetty-server:jar:9.4.54.v20240208:test

[github-actions[bot]]

Summary

There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory.

CVE: CVE-2024-8184 CWE: CWE-400

References

• https://ossindex.sonatype.org/vulnerability/CVE-2024-8184?component-type=maven&component-name=org.eclipse.jetty%2Fjetty-server&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
• http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-8184
• https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq