In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
eclipse jetty |
||
eclipse jetty 9.4.6 |
||
eclipse jetty 9.4.36 |
||
eclipse jetty 10.0.0 |
||
eclipse jetty 11.0.0 |
||
apache nifi 1.13.0 |
||
apache spark 3.1.1 |
||
netapp e-series santricity os controller |
||
netapp e-series santricity web services - |
||
netapp element plug-in for vcenter server - |
||
netapp hci - |
||
netapp hci management node - |
||
netapp management services for element software - |
||
netapp snap creator framework - |
||
netapp snapcenter - |
||
netapp snapmanager - |
||
netapp solidfire - |
||
debian debian linux 10.0 |
||
apache solr 8.8.1 |
||
oracle rest data services |