CVE-2021-28165, GHSA-26vr-8j45-3r4w
maven/org.eclipse.jetty/jetty-client
Uncontrolled Resource Consumption
In Eclipse Jetty to alpha0 to alpha0 to, CPU usage can reach % upon receiving a large invalid TLS frame.
All versions starting from 7.2.2 before 9.4.39, all versions starting from 10.0.0 before 10.0.2, all versions starting from 11.0.0 before 11.0.2
Upgrade to versions 9.4.39.v20210325, 10.0.2, 11.0.2 or above.
2021-04-10
source |