In Eclipse Jetty, a first HTTP/1.1 request with trailers causes the server to retain the trailers in subsequent requests performed over the same connection. Subsequent request that do not have trailers report the trailers of the first request. Subsequent request that do have trailers report the union of trailers of the first request and the current request.
History

Tue, 14 Jul 2026 10:45:00 +0000

Type Values Removed Values Added
First Time appeared Eclipse
Eclipse jetty
Vendors & Products Eclipse
Eclipse jetty

Tue, 14 Jul 2026 09:15:00 +0000

Type Values Removed Values Added
Description In Eclipse Jetty, a first HTTP/1.1 request with trailers causes the server to retain the trailers in subsequent requests performed over the same connection. Subsequent request that do not have trailers report the trailers of the first request. Subsequent request that do have trailers report the union of trailers of the first request and the current request.
Weaknesses CWE-200
References
Metrics cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: eclipse

Published: 2026-07-14T08:44:38.233Z

Updated: 2026-07-14T08:44:38.233Z

Reserved: 2026-05-29T07:28:48.617Z

Link: CVE-2026-10051

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.