Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Web Server

Jetty

Eclipse Jetty provides a Web server and javax.servlet container plus support for HTTP/2 WebSocket OSGi JMX JNDI JAAS and many other integrations. These components are open source and available for commercial use and distribution.

Official Site:

https://www.eclipse.org/jetty/

Severity Summary:

Critical: 5 High: 19 Medium: 14 Low: 3
Reference
Title
Severity
CVE-2026-2332
Jetty Inconsistent Interpretation of HTTP Requests (HTTP Request/Response Smuggling) Vulnerability
Critical
CVE-2017-7657
Jetty Integer Overflow or Wraparound Vulnerability
Critical
CVE-2009-5047
Jetty Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability
Critical
CVE-2016-4800
Jetty Improper Access Control Vulnerability
Critical
CVE-2017-7658
Jetty Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling) Vulnerability
Critical
CVE-2017-9735
Jetty Observable Discrepancy Vulnerability
High
CVE-2026-5795
Jetty Sensitive Information in Resource Not Removed Before Reuse Vulnerability
High
CVE-2026-1605
Jetty Missing Release of Memory after Effective Lifetime Vulnerability
High
CVE-2025-5115
Jetty Uncontrolled Resource Consumption Vulnerability
High
CVE-2024-9823
Jetty Uncontrolled Resource Consumption Vulnerability
High
CVE-2025-1948
Jetty Uncontrolled Resource Consumption Vulnerability
High
CVE-2024-13009
Jetty Improper Resource Shutdown or Release Vulnerability
High
CVE-2024-22201
Jetty Allocation of Resources Without Limits or Throttling Vulnerability
High
CVE-2023-44487
Jetty Uncontrolled Resource Consumption Vulnerability
High
CVE-2023-36478
Jetty Integer Overflow or Wraparound Vulnerability
High
CVE-2022-2191
Jetty Improper Resource Shutdown or Release Vulnerability
High
CVE-2022-2048
Jetty Uncontrolled Resource Consumption Vulnerability
High
CVE-2017-7656
Jetty Vulnerability
High
CVE-2018-12538
Jetty Session Fixation Vulnerability
High
CVE-2020-27216
Jetty Other Vulnerability
High
CVE-2020-27223
Jetty Uncontrolled Resource Consumption Vulnerability
High
CVE-2009-5045
Jetty Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
High
CVE-2021-28165
Jetty Uncontrolled Resource Consumption Vulnerability
High
CVE-2015-2080
Jetty Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
High
CVE-2021-34429
Jetty Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2024-8184
Jetty Allocation of Resources Without Limits or Throttling Vulnerability
Medium
CVE-2025-11143
Jetty Improper Input Validation Vulnerability
Medium
CVE-2020-27218
Jetty Vulnerability
Medium
CVE-2009-5046
Jetty Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2024-6762
Jetty Allocation of Resources Without Limits or Throttling Vulnerability
Medium