Vulnerability Details CVE-2024-7708
For requests that have a body, but reading the body may end up in reading 0 bytes, there is a buffer leak.
This is particularly the case for 100-Continue, but any request where the network is slow can leak.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 17.7%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2024-7708
-
cpe:2.3:a:eclipse:jetty:10.0.10
-
cpe:2.3:a:eclipse:jetty:10.0.11
-
cpe:2.3:a:eclipse:jetty:10.0.12
-
cpe:2.3:a:eclipse:jetty:10.0.13
-
cpe:2.3:a:eclipse:jetty:10.0.14
-
cpe:2.3:a:eclipse:jetty:10.0.15
-
cpe:2.3:a:eclipse:jetty:10.0.16
-
cpe:2.3:a:eclipse:jetty:10.0.17
-
cpe:2.3:a:eclipse:jetty:10.0.18
-
cpe:2.3:a:eclipse:jetty:10.0.19
-
cpe:2.3:a:eclipse:jetty:10.0.20
-
cpe:2.3:a:eclipse:jetty:10.0.21
-
cpe:2.3:a:eclipse:jetty:10.0.22
-
cpe:2.3:a:eclipse:jetty:10.0.7
-
cpe:2.3:a:eclipse:jetty:10.0.8
-
cpe:2.3:a:eclipse:jetty:10.0.9
-
cpe:2.3:a:eclipse:jetty:11.0.10
-
cpe:2.3:a:eclipse:jetty:11.0.11
-
cpe:2.3:a:eclipse:jetty:11.0.12
-
cpe:2.3:a:eclipse:jetty:11.0.13
-
cpe:2.3:a:eclipse:jetty:11.0.14
-
cpe:2.3:a:eclipse:jetty:11.0.15
-
cpe:2.3:a:eclipse:jetty:11.0.16
-
cpe:2.3:a:eclipse:jetty:11.0.17
-
cpe:2.3:a:eclipse:jetty:11.0.18
-
cpe:2.3:a:eclipse:jetty:11.0.19
-
cpe:2.3:a:eclipse:jetty:11.0.20
-
cpe:2.3:a:eclipse:jetty:11.0.21
-
cpe:2.3:a:eclipse:jetty:11.0.22
-
cpe:2.3:a:eclipse:jetty:11.0.7
-
cpe:2.3:a:eclipse:jetty:11.0.8
-
cpe:2.3:a:eclipse:jetty:11.0.9