CVE-2004-2381
EPSS 1.3%Jetty HTTP Server Denial of Service vulnerability
Published: 4/29/2022Modified: 11/28/2024
Description
HttpRequest.java in Jetty HTTP Server before 4.2.19 allows remote attackers to cause denial of service (memory usage and application crash) via HTTP requests with a large Content-Length.
Affected packages (1)
- Maven/org.mortbay.jetty:jettyfrom 0, < 4.2.19
References (5)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2004-2381
- WEBhttp://cvs.sourceforge.net/viewcvs.py/jetty/Jetty/src/org/mortbay/http/HttpRequest.java?r1=1.75&r2=1.76
- WEBhttps://exchange.xforce.ibmcloud.com/vulnerabilities/15537
- WEBhttp://sourceforge.net/project/shownotes.php?release_id=224743
- WEBhttp://www.osvdb.org/4387