Issue Overview: There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory finally. (CVE-2024-9823) Affected Packages: jetty Note: This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update jetty to update your system. New Packages: noarch: jetty-project-9.0.3-8.amzn2.0.4.noarch jetty-annotations-9.0.3-8.amzn2.0.4.noarch jetty-ant-9.0.3-8.amzn2.0.4.noarch jetty-client-9.0.3-8.amzn2.0.4.noarch jetty-continuation-9.0.3-8.amzn2.0.4.noarch jetty-deploy-9.0.3-8.amzn2.0.4.noarch jetty-http-9.0.3-8.amzn2.0.4.noarch jetty-io-9.0.3-8.amzn2.0.4.noarch jetty-jaas-9.0.3-8.amzn2.0.4.noarch jetty-jaspi-9.0.3-8.amzn2.0.4.noarch jetty-jmx-9.0.3-8.amzn2.0.4.noarch jetty-jndi-9.0.3-8.amzn2.0.4.noarch jetty-jsp-9.0.3-8.amzn2.0.4.noarch jetty-jspc-maven-plugin-9.0.3-8.amzn2.0.4.noarch jetty-maven-plugin-9.0.3-8.amzn2.0.4.noarch jetty-monitor-9.0.3-8.amzn2.0.4.noarch jetty-plus-9.0.3-8.amzn2.0.4.noarch jetty-proxy-9.0.3-8.amzn2.0.4.noarch jetty-rewrite-9.0.3-8.amzn2.0.4.noarch …Read More