CVE-2024-6762: Eclipse Jetty's PushSessionCacheFilter can cause remote DoS attacks
Jetty PushSessionCacheFilter can be exploited by unauthenticated users to launch remote DoS attacks by exhausting the server’s memory.
References
- github.com/advisories/GHSA-r7m4-f9h5-gr79
- github.com/jetty/jetty.project
- github.com/jetty/jetty.project/pull/10755
- github.com/jetty/jetty.project/pull/10756
- github.com/jetty/jetty.project/pull/9715
- github.com/jetty/jetty.project/pull/9716
- github.com/jetty/jetty.project/security/advisories/GHSA-r7m4-f9h5-gr79
- gitlab.eclipse.org/security/cve-assignement/-/issues/24
- nvd.nist.gov/vuln/detail/CVE-2024-6762