CVE-2024-13009
- Source
- https://cve.org/CVERecord?id=CVE-2024-13009
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-13009.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-13009
- Aliases
- Downstream
- Related
- Published
- 2025-05-08T17:29:31.380Z
- Modified
- 2026-05-15T04:08:36.316297949Z
- Severity
-
- 7.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- Eclipse Jetty GZIP buffer release
- Details
-
In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request body. This can result in corrupted and/or inadvertent sharing of data between requests.
- Database specific
{ "cwe_ids": [ "CWE-404" ], "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/13xxx/CVE-2024-13009.json", "cna_assigner": "eclipse" }- References