CVE-2022-2191
7.5HIGHIn Eclipse Jetty versions 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, SslConnection does not release ByteBuffers from configured ByteBufferPool in case of error code paths.
Published: 7/7/2022Updated: 11/21/2024
Description
In Eclipse Jetty versions 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, SslConnection does not release ByteBuffers from configured ByteBufferPool in case of error code paths.
AI AnalysisPowered by AI
Affected Products
eclipsejetty
eclipsejetty
References
- https://github.com/eclipse/jetty.project/security/advisories/GHSA-8mpp-f3f7-xc28ExploitVendor Advisory
- https://security.netapp.com/advisory/ntap-20220909-0003/Third Party Advisory
- https://github.com/eclipse/jetty.project/security/advisories/GHSA-8mpp-f3f7-xc28ExploitVendor Advisory
- https://security.netapp.com/advisory/ntap-20220909-0003/Third Party Advisory