Home

Description

In Eclipse Jetty, a first HTTP/1.1 request with trailers causes the server to retain the trailers in subsequent requests performed over the same connection. Subsequent request that do not have trailers report the trailers of the first request. Subsequent request that do have trailers report the union of trailers of the first request and the current request.

PUBLISHED Reserved 2026-05-29 | Published 2026-07-14 | Updated 2026-07-14 | Assigner eclipse




MEDIUM: 6.9CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-200

Product status

Default status
unaffected

12.0.0 (semver)
affected

12.1.0 (semver)
affected

References

gitlab.eclipse.org/security/cve-assignment/-/work_items/119

cve.org (CVE-2026-10051)

nvd.nist.gov (CVE-2026-10051)

Download JSON