Synced 16 Jun 2026 15:24 UTC Account
← All products

Eclipse Jetty

Eclipse · Web / Server
↻ RSS feed
Monitors Eclipse Jetty and tailors your dashboard to that exact version.
12.1.10 · latest cycle100/100 Healthy

Summary iPlain-English security verdict for Eclipse Jetty, generated from its current health score, actively-exploited vulnerabilities, and latest supported version.

Eclipse Jetty currently scores 100/100 — healthy. 1 actively-exploited vulnerability (CISA KEV) affects older releases (e.g. CVE-2023-44487) — staying on the latest supported version keeps you clear of it. The latest supported release is 12.1.10. It's on the latest patch with no significant known issues — keep it current.

Disclosure trend iNew CVEs published for Eclipse Jetty each year (NVD). A higher bar means more disclosures that year — more scrutiny, not necessarily less safe.

'19
'20
'21
'22
'23
'24
'25
'26

Patch priority — what to act on iThe issues to fix first — actively exploited (CISA KEV) first, then by exploitation probability (EPSS), then severity. Each row's "→ fixed in" is the earliest version that patches it; "see advisory" means no fixed version is published.

Most urgent first — actively exploited, then likeliest to be exploited.

CVE-2023-44487 HIGH exploited Uncontrolled resource consumption EPSS 100% → fixed in 12.0.2 CVE-2021-34429 MEDIUM Information disclosure EPSS 99% → fixed in 11.0.6 CVE-2021-28164 MEDIUM Information disclosure EPSS 82% → see advisory CVE-2021-28169 MEDIUM Information disclosure EPSS 78% → fixed in 11.0.3 CVE-2020-27223 MEDIUM CWE-407 EPSS 78% → fixed in 9.4.36 CVE-2015-2080 HIGH Information disclosure EPSS 75% → see advisory CVE-2021-28165 HIGH Uncontrolled resource consumption EPSS 54% → fixed in 11.0.2 CVE-2017-7658 CRITICAL CWE-444 EPSS 21% → fixed in 9.4.11 CVE-2017-7657 CRITICAL CWE-444 EPSS 16% → fixed in 9.4.11 CVE-2019-17638 CRITICAL CWE-672 EPSS 11% → see advisory CVE-2016-4800 CRITICAL Improper access control EPSS 6% → see advisory

See all 47 known Eclipse Jetty CVEs & security history →

Get alerted about Eclipse Jetty

Be emailed the moment Eclipse Jetty gets a newly exploited vulnerability (CISA KEV) or a release reaches end of life. Free · double opt-in · unsubscribe anytime.

We email only on real events for Eclipse Jetty — no marketing, no sharing, and we never know what you run. Track your whole stack →

Monitor up to 200 products — freeHit ☆ Monitor on anything you run, then sign in (no password) to sync your stack across devices and unlock smart insights, risk history & CSV/JSON exports. Sign in free →

Versions & lifecycle iWhen each release line stops receiving security patches (end-of-life). After EOL there are no more fixes — plan upgrades before these dates.

How long each Eclipse Jetty release line is supported — and when it sunsets. Select a line for its full report.

Aug14'25 Eclipse Jetty 9.4ended 2025-08-14
Jan1'25 Eclipse Jetty 11ended 2025-01-01
Jan1'25 Eclipse Jetty 10ended 2025-01-01
Dec7'20 Eclipse Jetty 9.3ended 2020-12-07
Mar8'18 Eclipse Jetty 9.2ended 2018-03-08
Dec31'14 Eclipse Jetty 9.1ended 2014-12-31
Dec31'14 Eclipse Jetty 8ended 2014-12-31
Dec31'14 Eclipse Jetty 7ended 2014-12-31
Dec31'13 Eclipse Jetty 9.0ended 2013-12-31

Full Eclipse Jetty end-of-life dates & support timeline →

12.1 latest 12.1.10 Supported 12.1.10 → 12.0 latest 12.0.36 Supported 12.0.36 → 11 latest 11.0.26 End of life ended 2025-01-0111.0.26 → 10 latest 10.0.26 End of life ended 2025-01-0110.0.26 → 9.4 latest 9.4.58.v20250814 End of life ended 2025-08-149.4.58.v20250814 → 9.3 latest 9.3.30.v20211001 End of life ended 2020-12-079.3.30.v20211001 → 9.2 latest 9.2.30.v20200428 End of life ended 2018-03-089.2.30.v20200428 → 9.1 latest 9.1.6.v20160112 End of life ended 2014-12-319.1.6.v20160112 → 9.0 latest 9.0.7.v20131107 End of life ended 2013-12-319.0.7.v20131107 → 8 latest 8.2.0.v20160908 End of life ended 2014-12-318.2.0.v20160908 → See all upcoming end-of-life dates →

Frequently asked

Is Eclipse Jetty safe and patched?

Eclipse Jetty currently scores 100/100 — healthy. 1 actively-exploited vulnerability (CISA KEV) affects older releases (e.g. CVE-2023-44487) — staying on the latest supported version keeps you clear of it. The latest supported release is 12.1.10. It's on the latest patch with no significant known issues — keep it current.

What should I do about Eclipse Jetty now?

Upgrade Eclipse Jetty to the latest supported release (12.1.10) or later, which clears the actively-exploited issues affecting older versions, then confirm against Eclipse's official advisory.

When does Eclipse Jetty reach end-of-life?

The latest supported Eclipse Jetty release is 12.1.10. After end-of-life a release no longer receives security patches.

Which versions of Eclipse Jetty are still receiving security updates?

Supported Eclipse Jetty release lines (latest 12.1.10): 12.1, 12.0. End-of-life releases no longer receive security patches.

Informational only, from public data (NVD · CISA KEV · EPSS · endoflife.date), and can lag or miss vendor-specific fixes. Always confirm against Eclipse's official advisory before you patch or upgrade — Eclipse Jetty official site ↗