View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2022-2191 severity important: SUSE including 8 source package names (jetty-http, jetty-io, …), 45 product×package rows across 10 product lines (SUSE Enterprise Storage 7, SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS, … (10 product lines)): Known Not Affected 45.
In Eclipse Jetty versions 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, SslConnection does not release ByteBuffers from configured ByteBufferPool in case of error code paths.