Published
Last updated
Jetty vulnerable to exposure of sensitive information to unauthenticated remote users
The exception handling code in Eclipse Jetty prior to 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak.