Visit Jetty Home Page
Jetty 10.0.x Release Notes
3 versions
Comprehensive release notes and changelog for Jetty 10.0.x, including security patches, bug fixes, and feature updates across all supported versions.
April 2026
10.0.29
Released Apr 10, 2026 Full Version:
10.0.29
Security Fixes
- JASPI access control escalation (CVE-2026-5795).
Notes
- This release originates from the open-source Eclipse Jetty by HeroDevs. It encompasses modifications implemented by HeroDevs to ensure successful framework builds. This release contains no functional changes from Jetty
10.0.26.
March 2026
10.0.28
Released Mar 6, 2026 Full Version:
10.0.28
Security Fixes
- HTTP Request Smuggling via Chunked Extension Quoted-String Parsing (CVE-2026-2332).
Notes
- This release originates from the open-source Eclipse Jetty by HeroDevs. It encompasses modifications implemented by HeroDevs to ensure successful framework builds. This release contains no functional changes from Jetty
10.0.26.
10.0.27
Released Mar 5, 2026 Full Version:
10.0.27
Security Fixes
- Fixed improper input validation in jetty-http where malformed URIs were parsed differently than other common parsers, potentially allowing blocklist bypass in multi-component systems (CVE-2025-11143).
Notes
- This release originates from the open-source Eclipse Jetty by HeroDevs. It encompasses modifications implemented by HeroDevs to ensure successful framework builds. This release contains no functional changes from Jetty
10.0.26.
Stay in the loop
~/herodevs-spring-framework-support
herodevs@nes:open-source$ ./display-support-info.sh