Home
MEDIUM: 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:NDefault status
unaffected
12.0.0 (semver)
affected
12.1.0 (semver)
affected
Description
In Eclipse Jetty, a first HTTP/1.1 request with trailers causes the server to retain the trailers in subsequent requests performed over the same connection. Subsequent request that do not have trailers report the trailers of the first request. Subsequent request that do have trailers report the union of trailers of the first request and the current request.
Problem types
Product status
12.0.0 (semver)
12.1.0 (semver)
References
gitlab.eclipse.org/security/cve-assignment/-/work_items/119