SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3720

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3720

Security update for jetty-minimal

Type: security

Severity: moderate

Issued: 2024-10-18

Description:

This update for jetty-minimal fixes the following issues:

- CVE-2024-8184: Fixed remote denial-of-service in ThreadLimitHandler.getRemote() (bsc#1231651).

References

CVE: CVE-2024-8184
Bugzilla: 1231651 VUL-0: CVE-2024-8184: jetty-minimal, jetty-websocket: org.eclipse.jetty:jetty-server: ThreadLimitHandler.getRemote() can be used by unauthorized users to trigger OutofMemory errors and exhaust a server's memory

Packages

jetty-minimal-9.4.56-150200.3.28.1