CVE security advisories and vulnerability history for Eclipse Jetty by Eclipse Foundation.
31
Total CVEs
Published
0
In CISA KEV
Exploited in the wild
4
Public exploits
PoC or exploit code
6.5
Avg CVSS
2018–2026
Last updated
Overview
Eclipse Foundation Eclipse Jetty has 31 published CVE records since 2018, of which 0 are in CISA's Known Exploited Vulnerabilities catalog and 4 have a known public exploit. The average CVSS base score across scored CVEs is 6.5.
This page aggregates every publicly disclosed vulnerability (CVE) affecting Eclipse Foundation Eclipse Jetty, with a severity breakdown, the affected and patched versions, the most common weakness types, and the full CVE list.
Severity and exploitation
How the CVSS severity of Eclipse Foundation Eclipse Jetty's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.
Critical4
High10
Medium14
Low3
In CISA’s Known Exploited Vulnerabilities catalog
0
None of Eclipse Foundation Eclipse Jetty's CVEs are currently listed in CISA's KEV catalog.
Public exploits
4
4 of Eclipse Foundation Eclipse Jetty's CVEs have a known public exploit available.
Affected versions and CVEs
Browse every Eclipse Foundation Eclipse Jetty version named in a CVE, then pick one to see only the CVEs that affect it.
Common questions about Eclipse Foundation Eclipse Jetty vulnerabilities.
How many CVEs does Eclipse Foundation Eclipse Jetty have?
Eclipse Foundation Eclipse Jetty has 31 published CVE records since 2018.
How many Eclipse Foundation Eclipse Jetty CVEs are in CISA KEV?
None of Eclipse Foundation Eclipse Jetty's CVEs are currently listed in CISA's Known Exploited Vulnerabilities catalog.
Are there public exploits for Eclipse Foundation Eclipse Jetty vulnerabilities?
Yes — 4 of Eclipse Foundation Eclipse Jetty's CVEs have a known public exploit.
Which versions of Eclipse Foundation Eclipse Jetty are affected?
131 distinct Eclipse Foundation Eclipse Jetty versions are named across its CVEs. Use the version filter above to see the CVEs affecting a specific version.
What are the most common weakness types in Eclipse Foundation Eclipse Jetty CVEs?
Eclipse Foundation Eclipse Jetty's CVEs most often map to these CWE weakness types: CWE-444 (Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')), CWE-400 (Uncontrolled Resource Consumption), CWE-20 (Improper Input Validation), CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor).
How many critical Eclipse Foundation Eclipse Jetty vulnerabilities are there?
Eclipse Foundation Eclipse Jetty has 4 critical and 10 high-severity CVEs.
What is the average severity of Eclipse Foundation Eclipse Jetty CVEs?
The average CVSS base score across Eclipse Foundation Eclipse Jetty's scored CVEs is 6.5.