How severe is CVE-2022-2191?

CVE-2022-2191 has a CVSS v3 score of 7.5 (HIGH).

CVE-2022-2191

Name: jetty
Author: eclipse

7.5HIGH

In Eclipse Jetty versions 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, SslConnection does not release ByteBuffers from configured ByteBufferPool in case of error code paths.

公開日: 7/7/2022更新日: 11/21/2024

説明

In Eclipse Jetty versions 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, SslConnection does not release ByteBuffers from configured ByteBufferPool in case of error code paths.

AI分析AIによる分析

影響を受ける製品

eclipsejetty

参照

https://github.com/eclipse/jetty.project/security/advisories/GHSA-8mpp-f3f7-xc28
ExploitVendor Advisory
https://security.netapp.com/advisory/ntap-20220909-0003/
Third Party Advisory
https://github.com/eclipse/jetty.project/security/advisories/GHSA-8mpp-f3f7-xc28
ExploitVendor Advisory
https://security.netapp.com/advisory/ntap-20220909-0003/
Third Party Advisory