How severe is CVE-2022-2191?

CVE-2022-2191 has a CVSS v3 score of 7.5 (HIGH).

CVE-2022-2191

Name: jetty
Author: eclipse

7.5HIGH

In Eclipse Jetty versions 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, SslConnection does not release ByteBuffers from configured ByteBufferPool in case of error code paths.

게시됨: 7/7/2022업데이트됨: 11/21/2024

설명

In Eclipse Jetty versions 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, SslConnection does not release ByteBuffers from configured ByteBufferPool in case of error code paths.

AI 분석AI 기반

영향받는 제품

eclipsejetty

참조

https://github.com/eclipse/jetty.project/security/advisories/GHSA-8mpp-f3f7-xc28
ExploitVendor Advisory
https://security.netapp.com/advisory/ntap-20220909-0003/
Third Party Advisory
https://github.com/eclipse/jetty.project/security/advisories/GHSA-8mpp-f3f7-xc28
ExploitVendor Advisory
https://security.netapp.com/advisory/ntap-20220909-0003/
Third Party Advisory