Search criteria
86 vulnerabilities found for jetty by eclipse
VAR-202310-0175
Vulnerability from variot - Updated: 2025-12-22 22:37The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. The updated image includes new features and bug fixes.
It contains the following bug fixes and changes:
-
Previously, Red Hat OpenShift Container Platform customers using the downloaded manifest bundle with automatic upgrades enabled found that Sensor did not automatically upgrade, and failed with a
PRE_FLIGHT_CHECKS_FAILEDerror. This issue has been fixed. (ROX-19955) -
RHACS 4.2.2 includes a new default policy called \"Rapid Reset: Denial of Service Vulnerability in HTTP/2 Protocol\". This policy alerts on deployments with images containing components that are susceptible to a Denial of Service (DoS) vulnerability for HTTP/2 servers, based on CVE-2023-44487 and CVE-2023-39325. This policy applies to the build or deploy life cycle stage.
Description:
This asynchronous patch is a security update zip for the JBoss EAP XP 4.0.0 runtime distribution for use with EAP 7.4.13. ========================================================================== Ubuntu Security Notice USN-6438-2 October 25, 2023
.Net regressions
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 23.10
Summary:
An incomplete fix was discovered in .Net.
Software Description: - dotnet6: dotNET CLI tools and runtime - dotnet7: dotNET CLI tools and runtime
Details:
USN-6438-1 fixed vulnerabilities in .Net. It was discovered that the fix for CVE-2023-36799 was incomplete. This update fixes the problem.
Original advisory details:
Kevin Jones discovered that .NET did not properly process certain X.509 certificates. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-36799)
It was discovered that the .NET Kestrel web server did not properly handle HTTP/2 requests. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-44487)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 23.10: aspnetcore-runtime-6.0 6.0.124-0ubuntu1~23.10.1 aspnetcore-runtime-7.0 7.0.113-0ubuntu1~23.10.1 dotnet-host 6.0.124-0ubuntu1~23.10.1 dotnet-host-7.0 7.0.113-0ubuntu1~23.10.1 dotnet-hostfxr-6.0 6.0.124-0ubuntu1~23.10.1 dotnet-hostfxr-7.0 7.0.113-0ubuntu1~23.10.1 dotnet-runtime-6.0 6.0.124-0ubuntu1~23.10.1 dotnet-runtime-7.0 7.0.113-0ubuntu1~23.10.1 dotnet-sdk-6.0 6.0.124-0ubuntu1~23.10.1 dotnet-sdk-7.0 7.0.113-0ubuntu1~23.10.1 dotnet6 6.0.124-0ubuntu1~23.10.1 dotnet7 7.0.113-0ubuntu1~23.10.1
In general, a standard system update will make all the necessary changes.
The following data is constructed from data provided by Red Hat's json file at:
https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5896.json
Red Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.
- Packet Storm Staff
==================================================================== Red Hat Security Advisory
Synopsis: Important: OpenShift Container Platform 4.12.40 bug fix and security update Advisory ID: RHSA-2023:5896-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2023:5896 Issue date: 2023-10-25 Revision: 01 CVE Names: CVE-2023-44487 ====================================================================
Summary:
Red Hat OpenShift Container Platform release 4.12.40 is now available with updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container Platform 4.12.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.40. See the following advisory for the RPM packages for this release:
https://access.redhat.com/errata/RHBA-2023:5898
Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/4.12/release_notes/ocp-4-12-release-notes.html
Security Fix(es):
- HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
A Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
All OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.12/updating/updating-cluster-cli.html
Solution:
https://docs.openshift.com/container-platform/4.12/release_notes/ocp-4-12-release-notes.html
CVEs:
CVE-2023-44487
References:
https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Debian Security Advisory DSA-5522-1 security@debian.org https://www.debian.org/security/ Markus Koschany October 10, 2023 https://www.debian.org/security/faq
Package : tomcat9 CVE ID : CVE-2023-24998 CVE-2023-41080 CVE-2023-42795 CVE-2023-44487 CVE-2023-45648
Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.
CVE-2023-24998
Denial of service. Tomcat uses a packaged renamed copy of Apache Commons
FileUpload to provide the file upload functionality defined in the Jakarta
Servlet specification. Apache Tomcat was, therefore, also vulnerable to the
Commons FileUpload vulnerability CVE-2023-24998 as there was no limit to
the number of request parts processed. This resulted in the possibility of
an attacker triggering a DoS with a malicious upload or series of uploads.
CVE-2023-41080
Open redirect. If the ROOT (default) web application is configured to use
FORM authentication then it is possible that a specially crafted URL could
be used to trigger a redirect to an URL of the attackers choice.
CVE-2023-42795
Information Disclosure. When recycling various internal objects, including
the request and the response, prior to re-use by the next request/response,
an error could cause Tomcat to skip some parts of the recycling process
leading to information leaking from the current request/response to the
next.
CVE-2023-44487
DoS caused by HTTP/2 frame overhead (Rapid Reset Attack)
CVE-2023-45648
Request smuggling. Tomcat did not correctly parse HTTP trailer headers. A
specially crafted, invalid trailer header could cause Tomcat to treat a
single request as multiple requests leading to the possibility of request
smuggling when behind a reverse proxy.
For the oldstable distribution (bullseye), these problems have been fixed in version 9.0.43-2~deb11u7.
We recommend that you upgrade your tomcat9 packages.
For the detailed security status of tomcat9 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/tomcat9
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmUlyBRfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeRBnhAAk1o0EDLnX1zaS0Xnz9jybhd9XdXat1HwZXvV3XFRGVXu5+r2bKH+KQjU 0GJ6koP3KDt10DrI8DzOq+9Msu0/TbPYAZKDHPjPYfcUqXRmwRrvTXtq5cbR5v3+ JxgJhiqjQYb1DYiDLC5iU+6aryrZg2ma1i81lG5v8N1TDfaCHzbZiMpyeYEABkd7 eKX3tzngoK9UaIgYVBxrjnM9bPRWnRFJRBMu/hs4VS6gxqzAaZT72Tcaf0Vf3t1s Es5IMgrhBC0Q2Amlm3N5z37p0nlhnJdNC3dAHetRCy92g9/KsjB/1BZfYY7rM8wV WwvB5WwQ0T4eRqKmc8yY86sUdfXkhPqz1oFDbnNgxtBjMm2z/of9pNEm+2NCpv9P 3MpCIKsEWiGH8+uleGuFhAHoWeUYjDNJjH1di6+PYZoBaEJ8eiXct/THBt/0nvFR Nh6AFDqi1Hi5/GdPK71eFRDsXOwgSuRg1ZRJtJP1W/dYEiczP89l0CM04PwxEAn2 dbE2ZCUQmIzQdng4OAHt+ze+QDini4HtoRJnQHq4P/QUIEQAE9C0hOIMMnrtpqIY A77Qa1bBVqDgLlhvSmpSrVigmfyXSpmtfc9G0KXcq5IAvr75jZ0PNuIk/VTyklYj e3g3nA1rbB1jlx6cvPqWBFItXW8800mJ0CXHb8EN8jKdB5BnooY= =6KYM -----END PGP SIGNATURE----- .
Description:
Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up.
Description:
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202310-0175",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "node healthcheck operator",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.0"
},
{
"model": "secure dynamic attributes connector",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.2.0"
},
{
"model": "varnish cache",
"scope": "lt",
"trust": 1.0,
"vendor": "varnish cache",
"version": "2023-10-10"
},
{
"model": "decision manager",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "openshift",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "nginx plus",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "r29"
},
{
"model": "big-ip analytics",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.5"
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "build of quarkus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "netty",
"scope": "lt",
"trust": 1.0,
"vendor": "netty",
"version": "4.1.100"
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.0"
},
{
"model": "big-ip webaccelerator",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "cost management",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "nx-os",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "10.2\\(7\\)"
},
{
"model": "big-ip application security manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.4"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.0"
},
{
"model": "big-ip global traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.5"
},
{
"model": "tomcat",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "8.5.0"
},
{
"model": "visual studio 2022",
"scope": "gte",
"trust": 1.0,
"vendor": "microsoft",
"version": "17.0"
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip websafe",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.5"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "17.1.0"
},
{
"model": "kong gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "konghq",
"version": "3.4.2"
},
{
"model": "traffic server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "9.0.0"
},
{
"model": "prime network registrar",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "11.2"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip link controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.10"
},
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.10"
},
{
"model": "big-ip webaccelerator",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.10"
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.0"
},
{
"model": "openshift virtualization",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4"
},
{
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0.0"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "17.1.0"
},
{
"model": "big-ip ddos hybrid defender",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "17.1.0"
},
{
"model": "nginx ingress controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "3.0.0"
},
{
"model": "integration camel k",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "integration service registry",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "big-ip advanced firewall manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.5"
},
{
"model": "big-ip ssl orchestrator",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.0"
},
{
"model": "migration toolkit for applications",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.0"
},
{
"model": "solr",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "9.4.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.5"
},
{
"model": "big-ip policy enforcement manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "iot field network director",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "4.11.0"
},
{
"model": "big-ip application security manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.5"
},
{
"model": "openshift distributed tracing",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "visual studio 2022",
"scope": "gte",
"trust": 1.0,
"vendor": "microsoft",
"version": "17.6"
},
{
"model": "cbl-mariner",
"scope": "lt",
"trust": 1.0,
"vendor": "microsoft",
"version": "2023-10-11"
},
{
"model": "asp.net core",
"scope": "lt",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0.23"
},
{
"model": "big-ip next",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "20.0.1"
},
{
"model": "big-ip advanced firewall manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "17.1.0"
},
{
"model": "openstack platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "16.2"
},
{
"model": "unified contact center enterprise - live data server",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "12.6.2"
},
{
"model": "nx-os",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "10.3\\(5\\)"
},
{
"model": "big-ip domain name system",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.10"
},
{
"model": "caddy",
"scope": "lt",
"trust": 1.0,
"vendor": "caddyserver",
"version": "2.7.5"
},
{
"model": "big-ip ddos hybrid defender",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.10"
},
{
"model": "big-ip application acceleration manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip application visibility and reporting",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "17.1.0"
},
{
"model": "expressway",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "x14.3.3"
},
{
"model": "big-ip carrier-grade nat",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.5"
},
{
"model": "nghttp2",
"scope": "lt",
"trust": 1.0,
"vendor": "nghttp2",
"version": "1.57.0"
},
{
"model": "big-ip advanced web application firewall",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.10"
},
{
"model": "openshift pipelines",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "big-ip carrier-grade nat",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.0"
},
{
"model": "unified contact center domain manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "jetty",
"scope": "gte",
"trust": 1.0,
"vendor": "eclipse",
"version": "12.0.0"
},
{
"model": "openshift secondary scheduler operator",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "openstack platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "16.1"
},
{
"model": "grpc",
"scope": "gte",
"trust": 1.0,
"vendor": "grpc",
"version": "1.58.0"
},
{
"model": "swiftnio http\\/2",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "1.28.0"
},
{
"model": "openshift dev spaces",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "windows 10 21h2",
"scope": "lt",
"trust": 1.0,
"vendor": "microsoft",
"version": "10.0.19044.3570"
},
{
"model": "big-ip carrier-grade nat",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "opensearch data prepper",
"scope": "lt",
"trust": 1.0,
"vendor": "amazon",
"version": "2.5.0"
},
{
"model": "telepresence video communication server",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "x14.3.3"
},
{
"model": "big-ip application visibility and reporting",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.10"
},
{
"model": "advanced cluster security",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "business process automation",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2.003.009"
},
{
"model": "big-ip advanced web application firewall",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.10"
},
{
"model": "enterprise chat and email",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "linkerd",
"scope": "lte",
"trust": 1.0,
"vendor": "linkerd",
"version": "2.12.5"
},
{
"model": "service interconnect",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "1.0"
},
{
"model": "machine deletion remediation operator",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "satellite",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "17.1.0"
},
{
"model": "visual studio 2022",
"scope": "lt",
"trust": 1.0,
"vendor": "microsoft",
"version": "17.7.5"
},
{
"model": "windows 11 21h2",
"scope": "lt",
"trust": 1.0,
"vendor": "microsoft",
"version": "10.0.22000.2538"
},
{
"model": "traefik",
"scope": "eq",
"trust": 1.0,
"vendor": "traefik",
"version": "3.0.0"
},
{
"model": "single sign-on",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "ios xr",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "7.11.2"
},
{
"model": "big-ip fraud protection service",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "jetty",
"scope": "gte",
"trust": 1.0,
"vendor": "eclipse",
"version": "10.0.0"
},
{
"model": "ultra cloud core - serving gateway function",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2024.02.0"
},
{
"model": "secure malware analytics",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.19.2"
},
{
"model": "self node remediation operator",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "big-ip global traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.5"
},
{
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0.0"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.0"
},
{
"model": "big-ip local traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.10"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "37"
},
{
"model": "tomcat",
"scope": "lte",
"trust": 1.0,
"vendor": "apache",
"version": "9.0.80"
},
{
"model": "nx-os",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "10.4\\(1\\)"
},
{
"model": "cryostat",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.0"
},
{
"model": "oncommand insight",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip link controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.5"
},
{
"model": "big-ip webaccelerator",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.5"
},
{
"model": "nginx plus",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "r29"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "20.8.1"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "38"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "visual studio 2022",
"scope": "lt",
"trust": 1.0,
"vendor": "microsoft",
"version": "17.6.8"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "11.0.0"
},
{
"model": "grpc",
"scope": "lte",
"trust": 1.0,
"vendor": "grpc",
"version": "1.59.2"
},
{
"model": "big-ip analytics",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.10"
},
{
"model": "openshift api for data protection",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "big-ip ssl orchestrator",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.0"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "17.1.0"
},
{
"model": "big-ip application security manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.5"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "17.1.0"
},
{
"model": "integration camel for spring boot",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "istio",
"scope": "gte",
"trust": 1.0,
"vendor": "istio",
"version": "1.18.0"
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.0"
},
{
"model": "support for spring boot",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "prime infrastructure",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "3.10.4"
},
{
"model": "tomcat",
"scope": "lte",
"trust": 1.0,
"vendor": "apache",
"version": "8.5.93"
},
{
"model": "big-ip websafe",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.10"
},
{
"model": "nginx plus",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "r25"
},
{
"model": "web terminal",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "nx-os",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "10.4\\(2\\)"
},
{
"model": "big-ip application acceleration manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "ceph storage",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "proxygen",
"scope": "lt",
"trust": 1.0,
"vendor": "facebook",
"version": "2023.10.16.00"
},
{
"model": ".net",
"scope": "gte",
"trust": 1.0,
"vendor": "microsoft",
"version": "7.0.0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "17.1.0"
},
{
"model": "nx-os",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "10.3\\(1\\)"
},
{
"model": "big-ip policy enforcement manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.5"
},
{
"model": "firepower threat defense",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "7.4.2"
},
{
"model": "traffic server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "9.2.3"
},
{
"model": "istio",
"scope": "gte",
"trust": 1.0,
"vendor": "istio",
"version": "1.19.0"
},
{
"model": "http2",
"scope": "lt",
"trust": 1.0,
"vendor": "golang",
"version": "0.17.0"
},
{
"model": "windows 10 1607",
"scope": "lt",
"trust": 1.0,
"vendor": "microsoft",
"version": "10.0.14393.6351"
},
{
"model": "big-ip advanced firewall manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.10"
},
{
"model": "crosswork zero touch provisioning",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "6.0.0"
},
{
"model": "big-ip carrier-grade nat",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.10"
},
{
"model": "traffic server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "8.0.0"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "node maintenance operator",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "networking",
"scope": "lt",
"trust": 1.0,
"vendor": "golang",
"version": "0.17.0"
},
{
"model": "linkerd",
"scope": "eq",
"trust": 1.0,
"vendor": "linkerd",
"version": "2.14.0"
},
{
"model": "big-ip advanced web application firewall",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.5"
},
{
"model": "big-ip fraud protection service",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.4"
},
{
"model": "grpc",
"scope": "eq",
"trust": 1.0,
"vendor": "grpc",
"version": "1.57.0"
},
{
"model": ".net",
"scope": "lt",
"trust": 1.0,
"vendor": "microsoft",
"version": "7.0.12"
},
{
"model": "big-ip ssl orchestrator",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.4"
},
{
"model": "big-ip carrier-grade nat",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.10"
},
{
"model": "big-ip application visibility and reporting",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "17.1.0"
},
{
"model": "run once duration override operator",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "big-ip fraud protection service",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.0"
},
{
"model": "big-ip next service proxy for kubernetes",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "1.8.2"
},
{
"model": "grpc",
"scope": "lt",
"trust": 1.0,
"vendor": "grpc",
"version": "1.56.3"
},
{
"model": "windows 10 22h2",
"scope": "lt",
"trust": 1.0,
"vendor": "microsoft",
"version": "10.0.19045.3570"
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.0"
},
{
"model": "big-ip webaccelerator",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.0"
},
{
"model": "tomcat",
"scope": "lte",
"trust": 1.0,
"vendor": "apache",
"version": "10.1.13"
},
{
"model": "visual studio 2022",
"scope": "gte",
"trust": 1.0,
"vendor": "microsoft",
"version": "17.7"
},
{
"model": "big-ip fraud protection service",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.5"
},
{
"model": "advanced cluster management for kubernetes",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.0"
},
{
"model": "advanced cluster security",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "big-ip domain name system",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip ddos hybrid defender",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "openresty",
"scope": "lt",
"trust": 1.0,
"vendor": "openresty",
"version": "1.21.4.3"
},
{
"model": "big-ip carrier-grade nat",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "17.1.0"
},
{
"model": "big-ip ssl orchestrator",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.5"
},
{
"model": "asp.net core",
"scope": "gte",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0.0"
},
{
"model": "windows 10 1809",
"scope": "lt",
"trust": 1.0,
"vendor": "microsoft",
"version": "10.0.17763.4974"
},
{
"model": "prime cable provisioning",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "7.2.1"
},
{
"model": "linkerd",
"scope": "eq",
"trust": 1.0,
"vendor": "linkerd",
"version": "2.14.1"
},
{
"model": "service telemetry framework",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "1.5"
},
{
"model": "windows server 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "crosswork data gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "5.0.0"
},
{
"model": "jboss fuse",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0.0"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "contour",
"scope": "lt",
"trust": 1.0,
"vendor": "projectcontour",
"version": "2023-10-11"
},
{
"model": ".net",
"scope": "gte",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0.0"
},
{
"model": "traffic server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "8.1.9"
},
{
"model": "big-ip global traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.10"
},
{
"model": "nginx plus",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "r30"
},
{
"model": "big-ip websafe",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "grpc",
"scope": "lt",
"trust": 1.0,
"vendor": "grpc",
"version": "1.58.3"
},
{
"model": "big-ip websafe",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.5"
},
{
"model": "certification for red hat enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "9.0"
},
{
"model": "istio",
"scope": "lt",
"trust": 1.0,
"vendor": "istio",
"version": "1.17.6"
},
{
"model": "big-ip ssl orchestrator",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.0"
},
{
"model": "openshift service mesh",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.0"
},
{
"model": "data center network manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "jboss core services",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "big-ip policy enforcement manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.0"
},
{
"model": "openshift sandboxed containers",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "jenkins",
"scope": "lte",
"trust": 1.0,
"vendor": "jenkins",
"version": "2.427"
},
{
"model": "big-ip ssl orchestrator",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "jboss data grid",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0.0"
},
{
"model": "big-ip link controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.4"
},
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.4"
},
{
"model": "big-ip application acceleration manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.5"
},
{
"model": "big-ip webaccelerator",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.4"
},
{
"model": "big-ip application security manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.10"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip advanced web application firewall",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.5"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "20.0.0"
},
{
"model": "azure kubernetes service",
"scope": "lt",
"trust": 1.0,
"vendor": "microsoft",
"version": "2023-10-08"
},
{
"model": "jetty",
"scope": "lt",
"trust": 1.0,
"vendor": "eclipse",
"version": "9.4.53"
},
{
"model": "big-ip advanced web application firewall",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.0"
},
{
"model": "process automation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.0"
},
{
"model": "big-ip webaccelerator",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.0"
},
{
"model": "big-ip carrier-grade nat",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.5"
},
{
"model": "big-ip application visibility and reporting",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.0"
},
{
"model": "nginx",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "1.9.5"
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "17.1.0"
},
{
"model": "big-ip domain name system",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.4"
},
{
"model": "big-ip ddos hybrid defender",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.4"
},
{
"model": "logging subsystem for red hat openshift",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "envoy",
"scope": "eq",
"trust": 1.0,
"vendor": "envoyproxy",
"version": "1.24.10"
},
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.5"
},
{
"model": "big-ip policy enforcement manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.4"
},
{
"model": "big-ip fraud protection service",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.5"
},
{
"model": "envoy",
"scope": "eq",
"trust": 1.0,
"vendor": "envoyproxy",
"version": "1.27.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "17.1.0"
},
{
"model": "big-ip fraud protection service",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.0"
},
{
"model": "big-ip domain name system",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.0"
},
{
"model": "big-ip ddos hybrid defender",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.0"
},
{
"model": "big-ip ssl orchestrator",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.5"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "17.1.0"
},
{
"model": "crosswork situation manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip fraud protection service",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.0"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip application visibility and reporting",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.4"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.0"
},
{
"model": "big-ip advanced web application firewall",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.4"
},
{
"model": "ultra cloud core - policy control function",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2024.01.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "istio",
"scope": "lt",
"trust": 1.0,
"vendor": "istio",
"version": "1.18.3"
},
{
"model": "connected mobile experiences",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "11.1"
},
{
"model": "istio",
"scope": "lt",
"trust": 1.0,
"vendor": "istio",
"version": "1.19.1"
},
{
"model": "big-ip domain name system",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.5"
},
{
"model": "big-ip ddos hybrid defender",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.5"
},
{
"model": "big-ip websafe",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.0"
},
{
"model": "asp.net core",
"scope": "gte",
"trust": 1.0,
"vendor": "microsoft",
"version": "7.0.0"
},
{
"model": "jboss a-mq streams",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "18.18.2"
},
{
"model": "openshift container platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "9.0"
},
{
"model": "crosswork data gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "5.0.2"
},
{
"model": "jetty",
"scope": "lt",
"trust": 1.0,
"vendor": "eclipse",
"version": "10.0.17"
},
{
"model": "jboss fuse",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0.0"
},
{
"model": "tomcat",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "10.1.0"
},
{
"model": "big-ip advanced web application firewall",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.0"
},
{
"model": "tomcat",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "9.0.0"
},
{
"model": "big-ip local traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.4"
},
{
"model": "jetty",
"scope": "lt",
"trust": 1.0,
"vendor": "eclipse",
"version": "12.0.2"
},
{
"model": "3scale api management platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.0"
},
{
"model": "ansible automation platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "11.0"
},
{
"model": "go",
"scope": "lt",
"trust": 1.0,
"vendor": "golang",
"version": "1.21.3"
},
{
"model": "traefik",
"scope": "lt",
"trust": 1.0,
"vendor": "traefik",
"version": "2.10.5"
},
{
"model": "openshift gitops",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "big-ip application acceleration manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.0"
},
{
"model": "big-ip application visibility and reporting",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.5"
},
{
"model": "asp.net core",
"scope": "lt",
"trust": 1.0,
"vendor": "microsoft",
"version": "7.0.12"
},
{
"model": "go",
"scope": "gte",
"trust": 1.0,
"vendor": "golang",
"version": "1.21.0"
},
{
"model": "jetty",
"scope": "lt",
"trust": 1.0,
"vendor": "eclipse",
"version": "11.0.17"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.0"
},
{
"model": "nginx",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "1.25.2"
},
{
"model": "windows server 2022",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "big-ip analytics",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.4"
},
{
"model": ".net",
"scope": "lt",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0.23"
},
{
"model": "jboss a-mq",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7"
},
{
"model": "visual studio 2022",
"scope": "lt",
"trust": 1.0,
"vendor": "microsoft",
"version": "17.2.20"
},
{
"model": "nginx ingress controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "2.0.0"
},
{
"model": "ultra cloud core - session management function",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2024.02.0"
},
{
"model": "big-ip local traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.5"
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.0"
},
{
"model": "big-ip websafe",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.4"
},
{
"model": "big-ip local traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.5"
},
{
"model": "big-ip link controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.5"
},
{
"model": "ultra cloud core - policy control function",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2024.01.0"
},
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.5"
},
{
"model": "big-ip webaccelerator",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.5"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.0"
},
{
"model": "openstack platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "17.1"
},
{
"model": "network observability operator",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "visual studio 2022",
"scope": "lt",
"trust": 1.0,
"vendor": "microsoft",
"version": "17.4.12"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "18.0.0"
},
{
"model": "http",
"scope": "eq",
"trust": 1.0,
"vendor": "ietf",
"version": "2.0"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip application visibility and reporting",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.0"
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip analytics",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.5"
},
{
"model": "crosswork data gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1.3"
},
{
"model": "big-ip advanced firewall manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.4"
},
{
"model": "openshift developer tools and services",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "envoy",
"scope": "eq",
"trust": 1.0,
"vendor": "envoyproxy",
"version": "1.26.4"
},
{
"model": "big-ip webaccelerator",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "fence agents remediation operator",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "http2",
"scope": "lt",
"trust": 1.0,
"vendor": "kazu yamamoto",
"version": "4.2.2"
},
{
"model": "ios xe",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "17.15.1"
},
{
"model": "big-ip application acceleration manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.4"
},
{
"model": "big-ip next service proxy for kubernetes",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "1.5.0"
},
{
"model": "big-ip application visibility and reporting",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "fog director",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.22"
},
{
"model": "certification for red hat enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.0"
},
{
"model": "quay",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.0.0"
},
{
"model": "go",
"scope": "lt",
"trust": 1.0,
"vendor": "golang",
"version": "1.20.10"
},
{
"model": "migration toolkit for virtualization",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "big-ip ssl orchestrator",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "17.1.0"
},
{
"model": "prime access registrar",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3.3"
},
{
"model": "big-ip domain name system",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.5"
},
{
"model": "big-ip advanced firewall manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.0"
},
{
"model": "big-ip ddos hybrid defender",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.5"
},
{
"model": "windows 11 22h2",
"scope": "lt",
"trust": 1.0,
"vendor": "microsoft",
"version": "10.0.22621.2428"
},
{
"model": "big-ip domain name system",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.0"
},
{
"model": "big-ip advanced web application firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "17.1.0"
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.0"
},
{
"model": "big-ip ddos hybrid defender",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.0"
},
{
"model": "cert-manager operator for red hat openshift",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "migration toolkit for containers",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "big-ip carrier-grade nat",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.4"
},
{
"model": "big-ip policy enforcement manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.5"
},
{
"model": "big-ip websafe",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "17.1.0"
},
{
"model": "openshift data science",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "h2o",
"scope": "lt",
"trust": 1.0,
"vendor": "dena",
"version": "2023-10-10"
},
{
"model": "big-ip fraud protection service",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.10"
},
{
"model": "big-ip domain name system",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip ddos hybrid defender",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "nginx ingress controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "2.4.2"
},
{
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "akka",
"version": "10.5.3"
},
{
"model": "big-ip advanced firewall manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.5"
},
{
"model": "big-ip ssl orchestrator",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.10"
},
{
"model": "linkerd",
"scope": "eq",
"trust": 1.0,
"vendor": "linkerd",
"version": "2.13.1"
},
{
"model": "jenkins",
"scope": "lte",
"trust": 1.0,
"vendor": "jenkins",
"version": "2.414.2"
},
{
"model": "big-ip websafe",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.1.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "linkerd",
"scope": "eq",
"trust": 1.0,
"vendor": "linkerd",
"version": "2.13.0"
},
{
"model": "big-ip carrier-grade nat",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.0"
},
{
"model": "openshift container platform assisted installer",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "big-ip application visibility and reporting",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.5"
},
{
"model": "astra control center",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "secure web appliance",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "15.1.0"
},
{
"model": "envoy",
"scope": "eq",
"trust": 1.0,
"vendor": "envoyproxy",
"version": "1.25.9"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "big-ip websafe",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "apisix",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "3.6.1"
},
{
"model": "openshift serverless",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "visual studio 2022",
"scope": "gte",
"trust": 1.0,
"vendor": "microsoft",
"version": "17.4"
},
{
"model": "nginx ingress controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "3.3.0"
},
{
"model": "armeria",
"scope": "lt",
"trust": 1.0,
"vendor": "linecorp",
"version": "1.26.0"
},
{
"model": "unified contact center management portal",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "jetty",
"scope": "gte",
"trust": 1.0,
"vendor": "eclipse",
"version": "11.0.0"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "17.1.0"
},
{
"model": "big-ip advanced web application firewall",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "build of optaplanner",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.0"
},
{
"model": "big-ip global traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "16.1.4"
},
{
"model": "linkerd",
"scope": "gte",
"trust": 1.0,
"vendor": "linkerd",
"version": "2.12.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "12.0"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-44487"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "175298"
},
{
"db": "PACKETSTORM",
"id": "175273"
},
{
"db": "PACKETSTORM",
"id": "175390"
},
{
"db": "PACKETSTORM",
"id": "175325"
},
{
"db": "PACKETSTORM",
"id": "175231"
},
{
"db": "PACKETSTORM",
"id": "175172"
},
{
"db": "PACKETSTORM",
"id": "175970"
}
],
"trust": 0.7
},
"cve": "CVE-2023-44487",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2023-44487",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2023-44487",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2023-44487",
"trust": 1.0,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-44487"
},
{
"db": "NVD",
"id": "CVE-2023-44487"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. The updated image includes new features and bug fixes. \n\nIt contains the following bug fixes and changes:\n\n* Previously, Red Hat OpenShift Container Platform customers using the downloaded manifest bundle with automatic upgrades enabled found that Sensor did not automatically upgrade, and failed with a `PRE_FLIGHT_CHECKS_FAILED` error. This issue has been fixed. (ROX-19955)\n\n* RHACS 4.2.2 includes a new default policy called \\\"Rapid Reset: Denial of\nService Vulnerability in HTTP/2 Protocol\\\". This policy alerts on\ndeployments with images containing components that are susceptible to a\nDenial of Service (DoS) vulnerability for HTTP/2 servers, based on\nCVE-2023-44487 and CVE-2023-39325. This policy applies to the build or\ndeploy life cycle stage. \n\n\n\n\nDescription:\n\nThis asynchronous patch is a security update zip for the JBoss EAP XP 4.0.0 runtime distribution for use with EAP 7.4.13. ==========================================================================\nUbuntu Security Notice USN-6438-2\nOctober 25, 2023\n\n.Net regressions\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 23.10\n\nSummary:\n\nAn incomplete fix was discovered in .Net. \n\nSoftware Description:\n- dotnet6: dotNET CLI tools and runtime\n- dotnet7: dotNET CLI tools and runtime\n\nDetails:\n\nUSN-6438-1 fixed vulnerabilities in .Net. It was discovered that the fix\nfor [CVE-2023-36799](https://ubuntu.com/security/CVE-2023-36799) was incomplete. This update fixes the problem. \n\nOriginal advisory details:\n\n Kevin Jones discovered that .NET did not properly process certain\n X.509 certificates. An attacker could possibly use this issue to\n cause a denial of service. (CVE-2023-36799)\n \n It was discovered that the .NET Kestrel web server did not properly\n handle HTTP/2 requests. A remote attacker could possibly use this\n issue to cause a denial of service. (CVE-2023-44487)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 23.10:\n aspnetcore-runtime-6.0 6.0.124-0ubuntu1~23.10.1\n aspnetcore-runtime-7.0 7.0.113-0ubuntu1~23.10.1\n dotnet-host 6.0.124-0ubuntu1~23.10.1\n dotnet-host-7.0 7.0.113-0ubuntu1~23.10.1\n dotnet-hostfxr-6.0 6.0.124-0ubuntu1~23.10.1\n dotnet-hostfxr-7.0 7.0.113-0ubuntu1~23.10.1\n dotnet-runtime-6.0 6.0.124-0ubuntu1~23.10.1\n dotnet-runtime-7.0 7.0.113-0ubuntu1~23.10.1\n dotnet-sdk-6.0 6.0.124-0ubuntu1~23.10.1\n dotnet-sdk-7.0 7.0.113-0ubuntu1~23.10.1\n dotnet6 6.0.124-0ubuntu1~23.10.1\n dotnet7 7.0.113-0ubuntu1~23.10.1\n\nIn general, a standard system update will make all the necessary changes. \n\nThe following data is constructed from data provided by Red Hat\u0027s json file at:\n\nhttps://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5896.json\n\nRed Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat\u0027s archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment. \n\n- Packet Storm Staff\n\n\n\n\n====================================================================\nRed Hat Security Advisory\n\nSynopsis: Important: OpenShift Container Platform 4.12.40 bug fix and security update\nAdvisory ID: RHSA-2023:5896-01\nProduct: Red Hat OpenShift Enterprise\nAdvisory URL: https://access.redhat.com/errata/RHSA-2023:5896\nIssue date: 2023-10-25\nRevision: 01\nCVE Names: CVE-2023-44487\n====================================================================\n\nSummary: \n\nRed Hat OpenShift Container Platform release 4.12.40 is now available with updates to packages and images that fix several bugs and add enhancements. \n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.12. \n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. \n\n\n\n\nDescription:\n\nRed Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. \n\nThis advisory contains the container images for Red Hat OpenShift Container Platform 4.12.40. See the following advisory for the RPM packages for this release:\n\nhttps://access.redhat.com/errata/RHBA-2023:5898\n\nSpace precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/4.12/release_notes/ocp-4-12-release-notes.html\n\nSecurity Fix(es):\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nA Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section. \n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. \n\nAll OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.12/updating/updating-cluster-cli.html\n\n\nSolution:\n\nhttps://docs.openshift.com/container-platform/4.12/release_notes/ocp-4-12-release-notes.html\n\n\n\nCVEs:\n\nCVE-2023-44487\n\nReferences:\n\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-5522-1 security@debian.org\nhttps://www.debian.org/security/ Markus Koschany\nOctober 10, 2023 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : tomcat9\nCVE ID : CVE-2023-24998 CVE-2023-41080 CVE-2023-42795 CVE-2023-44487\n CVE-2023-45648\n\nSeveral security vulnerabilities have been discovered in the Tomcat\nservlet and JSP engine. \n\nCVE-2023-24998\n\n Denial of service. Tomcat uses a packaged renamed copy of Apache Commons\n FileUpload to provide the file upload functionality defined in the Jakarta\n Servlet specification. Apache Tomcat was, therefore, also vulnerable to the\n Commons FileUpload vulnerability CVE-2023-24998 as there was no limit to\n the number of request parts processed. This resulted in the possibility of\n an attacker triggering a DoS with a malicious upload or series of uploads. \n\nCVE-2023-41080\n\n Open redirect. If the ROOT (default) web application is configured to use\n FORM authentication then it is possible that a specially crafted URL could\n be used to trigger a redirect to an URL of the attackers choice. \n\nCVE-2023-42795\n\n Information Disclosure. When recycling various internal objects, including\n the request and the response, prior to re-use by the next request/response,\n an error could cause Tomcat to skip some parts of the recycling process\n leading to information leaking from the current request/response to the\n next. \n\nCVE-2023-44487\n\n DoS caused by HTTP/2 frame overhead (Rapid Reset Attack)\n\nCVE-2023-45648\n\n Request smuggling. Tomcat did not correctly parse HTTP trailer headers. A\n specially crafted, invalid trailer header could cause Tomcat to treat a\n single request as multiple requests leading to the possibility of request\n smuggling when behind a reverse proxy. \n\nFor the oldstable distribution (bullseye), these problems have been fixed\nin version 9.0.43-2~deb11u7. \n\nWe recommend that you upgrade your tomcat9 packages. \n\nFor the detailed security status of tomcat9 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/tomcat9\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmUlyBRfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD\nRjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7\nUeRBnhAAk1o0EDLnX1zaS0Xnz9jybhd9XdXat1HwZXvV3XFRGVXu5+r2bKH+KQjU\n0GJ6koP3KDt10DrI8DzOq+9Msu0/TbPYAZKDHPjPYfcUqXRmwRrvTXtq5cbR5v3+\nJxgJhiqjQYb1DYiDLC5iU+6aryrZg2ma1i81lG5v8N1TDfaCHzbZiMpyeYEABkd7\neKX3tzngoK9UaIgYVBxrjnM9bPRWnRFJRBMu/hs4VS6gxqzAaZT72Tcaf0Vf3t1s\nEs5IMgrhBC0Q2Amlm3N5z37p0nlhnJdNC3dAHetRCy92g9/KsjB/1BZfYY7rM8wV\nWwvB5WwQ0T4eRqKmc8yY86sUdfXkhPqz1oFDbnNgxtBjMm2z/of9pNEm+2NCpv9P\n3MpCIKsEWiGH8+uleGuFhAHoWeUYjDNJjH1di6+PYZoBaEJ8eiXct/THBt/0nvFR\nNh6AFDqi1Hi5/GdPK71eFRDsXOwgSuRg1ZRJtJP1W/dYEiczP89l0CM04PwxEAn2\ndbE2ZCUQmIzQdng4OAHt+ze+QDini4HtoRJnQHq4P/QUIEQAE9C0hOIMMnrtpqIY\nA77Qa1bBVqDgLlhvSmpSrVigmfyXSpmtfc9G0KXcq5IAvr75jZ0PNuIk/VTyklYj\ne3g3nA1rbB1jlx6cvPqWBFItXW8800mJ0CXHb8EN8jKdB5BnooY=\n=6KYM\n-----END PGP SIGNATURE-----\n. \n\n\n\n\nDescription:\n\nVarnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don\u0027t have to create the same web page over and over again, giving the website a significant speed up. \n\n\n\n\nDescription:\n\nNode.js is a software development platform for building fast and scalable network applications in the JavaScript programming language",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-44487"
},
{
"db": "PACKETSTORM",
"id": "175298"
},
{
"db": "PACKETSTORM",
"id": "175273"
},
{
"db": "PACKETSTORM",
"id": "175390"
},
{
"db": "PACKETSTORM",
"id": "175330"
},
{
"db": "PACKETSTORM",
"id": "175325"
},
{
"db": "PACKETSTORM",
"id": "176035"
},
{
"db": "PACKETSTORM",
"id": "175070"
},
{
"db": "PACKETSTORM",
"id": "175231"
},
{
"db": "PACKETSTORM",
"id": "175172"
},
{
"db": "PACKETSTORM",
"id": "175970"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-44487",
"trust": 2.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2023/10/19/6",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2023/10/10/6",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2023/10/20/8",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2023/10/18/4",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2023/10/10/7",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2023/10/18/8",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2023/10/13/4",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2023/10/13/9",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2025/08/13/6",
"trust": 1.0
},
{
"db": "PACKETSTORM",
"id": "175298",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "175273",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "175390",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "175330",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "175325",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "176035",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "175070",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "175231",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "175172",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "175970",
"trust": 0.1
}
],
"sources": [
{
"db": "PACKETSTORM",
"id": "175298"
},
{
"db": "PACKETSTORM",
"id": "175273"
},
{
"db": "PACKETSTORM",
"id": "175390"
},
{
"db": "PACKETSTORM",
"id": "175330"
},
{
"db": "PACKETSTORM",
"id": "175325"
},
{
"db": "PACKETSTORM",
"id": "176035"
},
{
"db": "PACKETSTORM",
"id": "175070"
},
{
"db": "PACKETSTORM",
"id": "175231"
},
{
"db": "PACKETSTORM",
"id": "175172"
},
{
"db": "PACKETSTORM",
"id": "175970"
},
{
"db": "NVD",
"id": "CVE-2023-44487"
}
]
},
"id": "VAR-202310-0175",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.384739252
},
"last_update_date": "2025-12-22T22:37:57.843000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-400",
"trust": 1.0
},
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-44487"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/security/cve/cve-2023-44487"
},
{
"trust": 1.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
},
{
"trust": 1.0,
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/wlprq5twuqqxywbjm7ecydail2yvkiuh/"
},
{
"trust": 1.0,
"url": "https://github.com/nodejs/node/pull/50121"
},
{
"trust": 1.0,
"url": "https://github.com/kubernetes/kubernetes/pull/121120"
},
{
"trust": 1.0,
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"trust": 1.0,
"url": "https://istio.io/latest/news/security/istio-security-2023-004/"
},
{
"trust": 1.0,
"url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
},
{
"trust": 1.0,
"url": "https://github.com/haproxy/haproxy/issues/2312"
},
{
"trust": 1.0,
"url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
},
{
"trust": 1.0,
"url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
},
{
"trust": 1.0,
"url": "https://github.com/envoyproxy/envoy/pull/30055"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/lkyhszqfdnr7rsa7lhvlliaqmvycugbg/"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
},
{
"trust": 1.0,
"url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
},
{
"trust": 1.0,
"url": "https://blog.vespa.ai/cve-2023-44487/"
},
{
"trust": 1.0,
"url": "https://github.com/kazu-yamamoto/http2/issues/93"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zkqsikiat5tj3wslu3rdbq35yx4gy4v3/"
},
{
"trust": 1.0,
"url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
},
{
"trust": 1.0,
"url": "https://github.com/advisories/ghsa-qppj-fm5r-hxr3"
},
{
"trust": 1.0,
"url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/vsrdiv77hnkusm7sjc5bke5jshlhu2nk/"
},
{
"trust": 1.0,
"url": "https://github.com/h2o/h2o/security/advisories/ghsa-2m7v-gc89-fjqf"
},
{
"trust": 1.0,
"url": "https://github.com/grpc/grpc-go/pull/6703"
},
{
"trust": 1.0,
"url": "https://www.debian.org/security/2023/dsa-5558"
},
{
"trust": 1.0,
"url": "https://github.com/h2o/h2o/pull/3291"
},
{
"trust": 1.0,
"url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
},
{
"trust": 1.0,
"url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#l1101-l1113"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/fna62q767cfafhbcdkynpbmzwb7twyvu/"
},
{
"trust": 1.0,
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zb43remkrqr62njei7i5nq4fsxnlbkrt/"
},
{
"trust": 1.0,
"url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
},
{
"trust": 1.0,
"url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
},
{
"trust": 1.0,
"url": "https://github.com/bcdannyboy/cve-2023-44487"
},
{
"trust": 1.0,
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ht7t2r4mqklif4odv4bdlparwfpcj5cz/"
},
{
"trust": 1.0,
"url": "https://github.com/ninenines/cowboy/issues/1615"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2023/10/10/7"
},
{
"trust": 1.0,
"url": "https://github.com/facebook/proxygen/pull/466"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/jizsefc3ykcgaba2bzw6zjrmdzjmb7pj/"
},
{
"trust": 1.0,
"url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
},
{
"trust": 1.0,
"url": "https://netty.io/news/2023/10/10/4-1-100-final.html"
},
{
"trust": 1.0,
"url": "https://news.ycombinator.com/item?id=37830987"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3n4nj7fr4x4fpzugntqapstvb2hb2y4a/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/we2i52rhnnu42px6nz2rbuhsffj2lvzx/"
},
{
"trust": 1.0,
"url": "https://github.com/tempesta-tech/tempesta/issues/1986"
},
{
"trust": 1.0,
"url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#l73"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ht7t2r4mqklif4odv4bdlparwfpcj5cz/"
},
{
"trust": 1.0,
"url": "https://github.com/akka/akka-http/issues/4323"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/lkyhszqfdnr7rsa7lhvlliaqmvycugbg/"
},
{
"trust": 1.0,
"url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/zb43remkrqr62njei7i5nq4fsxnlbkrt/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/vhuhtsxlxgxs7jykbxta3vinuphtngvu/"
},
{
"trust": 1.0,
"url": "https://news.ycombinator.com/item?id=37830998"
},
{
"trust": 1.0,
"url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/jmexy22bfg5q64hqcm5ck2q7kdkvv4ty/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/bfqd3kuemfbhpapbglwqc34l4owl5haz/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/we2i52rhnnu42px6nz2rbuhsffj2lvzx/"
},
{
"trust": 1.0,
"url": "https://www.debian.org/security/2023/dsa-5540"
},
{
"trust": 1.0,
"url": "https://github.com/advisories/ghsa-vx74-f528-fxqg"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/x6qxn4orivf6xbw4wwfe7vnpvc74s45y/"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2025/08/13/6"
},
{
"trust": 1.0,
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
},
{
"trust": 1.0,
"url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/readme.md?plain=1#l239-l244"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/e72t67updrxhidlo3oror25yamn4ggw5/"
},
{
"trust": 1.0,
"url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
},
{
"trust": 1.0,
"url": "https://news.ycombinator.com/item?id=37831062"
},
{
"trust": 1.0,
"url": "https://ubuntu.com/security/cve-2023-44487"
},
{
"trust": 1.0,
"url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
},
{
"trust": 1.0,
"url": "https://github.com/apache/httpd-site/pull/10"
},
{
"trust": 1.0,
"url": "https://github.com/golang/go/issues/63417"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/lnmzjcdhgljjlxo4oxwjmtvqrnwoc7ul/"
},
{
"trust": 1.0,
"url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/clb4tw7kalb3eeqwnwcn7ouiwwvwwcg2/"
},
{
"trust": 1.0,
"url": "https://github.com/grpc/grpc/releases/tag/v1.59.2"
},
{
"trust": 1.0,
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/jizsefc3ykcgaba2bzw6zjrmdzjmb7pj/"
},
{
"trust": 1.0,
"url": "https://msrc.microsoft.com/update-guide/vulnerability/cve-2023-44487"
},
{
"trust": 1.0,
"url": "https://github.com/advisories/ghsa-xpw8-rcwv-8f8p"
},
{
"trust": 1.0,
"url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/vsrdiv77hnkusm7sjc5bke5jshlhu2nk/"
},
{
"trust": 1.0,
"url": "https://security.paloaltonetworks.com/cve-2023-44487"
},
{
"trust": 1.0,
"url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/e72t67updrxhidlo3oror25yamn4ggw5/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ksegd2iwknuo3dwy4kqguqm5bisrwhqe/"
},
{
"trust": 1.0,
"url": "https://github.com/apache/trafficserver/pull/10564"
},
{
"trust": 1.0,
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=cve-2023-44487"
},
{
"trust": 1.0,
"url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
},
{
"trust": 1.0,
"url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
},
{
"trust": 1.0,
"url": "https://news.ycombinator.com/item?id=37837043"
},
{
"trust": 1.0,
"url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2mbeppc36ubvozznaxfhklfgslcmn5li/"
},
{
"trust": 1.0,
"url": "https://github.com/projectcontour/contour/pull/5826"
},
{
"trust": 1.0,
"url": "https://lists.w3.org/archives/public/ietf-http-wg/2023octdec/0025.html"
},
{
"trust": 1.0,
"url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
},
{
"trust": 1.0,
"url": "https://www.phoronix.com/news/http2-rapid-reset-attack"
},
{
"trust": 1.0,
"url": "https://github.com/kong/kong/discussions/11741"
},
{
"trust": 1.0,
"url": "https://www.debian.org/security/2023/dsa-5549"
},
{
"trust": 1.0,
"url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/bfqd3kuemfbhpapbglwqc34l4owl5haz/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/x6qxn4orivf6xbw4wwfe7vnpvc74s45y/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/zlu6u2r2ic2k64ndpnmv55auao65maf4/"
},
{
"trust": 1.0,
"url": "https://groups.google.com/g/golang-announce/c/innxdtcjzvo"
},
{
"trust": 1.0,
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
},
{
"trust": 1.0,
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"trust": 1.0,
"url": "https://github.com/micrictor/http2-rst-stream"
},
{
"trust": 1.0,
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
},
{
"trust": 1.0,
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/vhuhtsxlxgxs7jykbxta3vinuphtngvu/"
},
{
"trust": 1.0,
"url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-october/s36q5hbxr7caimpllprsssyr4pcmwilk.html"
},
{
"trust": 1.0,
"url": "https://github.com/etcd-io/etcd/issues/16740"
},
{
"trust": 1.0,
"url": "https://github.com/arkrwn/poc/tree/main/cve-2023-44487"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/zkqsikiat5tj3wslu3rdbq35yx4gy4v3/"
},
{
"trust": 1.0,
"url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/xfoibb4yfichdm7ibop7pwxw3fx4hll2/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/jmexy22bfg5q64hqcm5ck2q7kdkvv4ty/"
},
{
"trust": 1.0,
"url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
},
{
"trust": 1.0,
"url": "https://github.com/microsoft/cbl-mariner/pull/6381"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/lnmzjcdhgljjlxo4oxwjmtvqrnwoc7ul/"
},
{
"trust": 1.0,
"url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
},
{
"trust": 1.0,
"url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/fna62q767cfafhbcdkynpbmzwb7twyvu/"
},
{
"trust": 1.0,
"url": "https://my.f5.com/manage/s/article/k000137106"
},
{
"trust": 1.0,
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
},
{
"trust": 1.0,
"url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
},
{
"trust": 1.0,
"url": "https://github.com/eclipse/jetty.project/issues/10679"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3n4nj7fr4x4fpzugntqapstvb2hb2y4a/"
},
{
"trust": 1.0,
"url": "https://github.com/junkurihara/rust-rpxy/issues/97"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ksegd2iwknuo3dwy4kqguqm5bisrwhqe/"
},
{
"trust": 1.0,
"url": "https://github.com/apache/apisix/issues/10320"
},
{
"trust": 1.0,
"url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
},
{
"trust": 1.0,
"url": "https://www.debian.org/security/2023/dsa-5521"
},
{
"trust": 1.0,
"url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
},
{
"trust": 1.0,
"url": "https://github.com/line/armeria/pull/5232"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
},
{
"trust": 1.0,
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
},
{
"trust": 1.0,
"url": "https://github.com/openresty/openresty/issues/930"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2mbeppc36ubvozznaxfhklfgslcmn5li/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/clb4tw7kalb3eeqwnwcn7ouiwwvwwcg2/"
},
{
"trust": 1.0,
"url": "https://github.com/caddyserver/caddy/issues/5877"
},
{
"trust": 1.0,
"url": "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-http2-reset-d8kf32vz"
},
{
"trust": 1.0,
"url": "https://github.com/alibaba/tengine/issues/1872"
},
{
"trust": 1.0,
"url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/xfoibb4yfichdm7ibop7pwxw3fx4hll2/"
},
{
"trust": 1.0,
"url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
},
{
"trust": 1.0,
"url": "https://www.debian.org/security/2023/dsa-5522"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/wlprq5twuqqxywbjm7ecydail2yvkiuh/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zlu6u2r2ic2k64ndpnmv55auao65maf4/"
},
{
"trust": 1.0,
"url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
},
{
"trust": 1.0,
"url": "https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause"
},
{
"trust": 1.0,
"url": "https://aws.amazon.com/security/security-bulletins/aws-2023-011/"
},
{
"trust": 1.0,
"url": "https://github.com/varnishcache/varnish-cache/issues/3996"
},
{
"trust": 1.0,
"url": "https://github.com/azure/aks/issues/3947"
},
{
"trust": 1.0,
"url": "https://github.com/nghttp2/nghttp2/pull/1961"
},
{
"trust": 1.0,
"url": "https://tomcat.apache.org/security-10.html#fixed_in_apache_tomcat_10.1.14"
},
{
"trust": 1.0,
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
},
{
"trust": 1.0,
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
},
{
"trust": 1.0,
"url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
},
{
"trust": 1.0,
"url": "https://github.com/opensearch-project/data-prepper/issues/3474"
},
{
"trust": 1.0,
"url": "https://www.debian.org/security/2023/dsa-5570"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-44487"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/vulnerabilities/rhsb-2023-003"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.2,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_6048.json"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2023-39325"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-39325"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2023:6048"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_security_for_kubernetes/4.2/html/release_notes/release-notes-42"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5978.json"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/red_hat_jboss_eap_xp_4.0.0_release_notes/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2023:5978"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/using_jboss_eap_xp_4.0.0/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/jboss_eap_xp_4.0_upgrade_and_migration_guide/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2023:6144"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_6144.json"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/2040208"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-6438-2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/dotnet6/6.0.124-0ubuntu1~23.10.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/2040207,"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/cve-2023-36799)"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-6438-1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-36799"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/dotnet7/7.0.113-0ubuntu1~23.10.1"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5896.json"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.12/release_notes/ocp-4-12-release-notes.html"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.12/updating/updating-cluster-cli.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2023:5896"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhba-2023:5898"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/nghttp2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-45648"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-41080"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-42795"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/tomcat9"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-24998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification#critical"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2023:5924"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5924.json"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2023:5803"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5803.json"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7481.json"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2023:7479"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2023:7481"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html"
}
],
"sources": [
{
"db": "PACKETSTORM",
"id": "175298"
},
{
"db": "PACKETSTORM",
"id": "175273"
},
{
"db": "PACKETSTORM",
"id": "175390"
},
{
"db": "PACKETSTORM",
"id": "175330"
},
{
"db": "PACKETSTORM",
"id": "175325"
},
{
"db": "PACKETSTORM",
"id": "176035"
},
{
"db": "PACKETSTORM",
"id": "175070"
},
{
"db": "PACKETSTORM",
"id": "175231"
},
{
"db": "PACKETSTORM",
"id": "175172"
},
{
"db": "PACKETSTORM",
"id": "175970"
},
{
"db": "NVD",
"id": "CVE-2023-44487"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "PACKETSTORM",
"id": "175298"
},
{
"db": "PACKETSTORM",
"id": "175273"
},
{
"db": "PACKETSTORM",
"id": "175390"
},
{
"db": "PACKETSTORM",
"id": "175330"
},
{
"db": "PACKETSTORM",
"id": "175325"
},
{
"db": "PACKETSTORM",
"id": "176035"
},
{
"db": "PACKETSTORM",
"id": "175070"
},
{
"db": "PACKETSTORM",
"id": "175231"
},
{
"db": "PACKETSTORM",
"id": "175172"
},
{
"db": "PACKETSTORM",
"id": "175970"
},
{
"db": "NVD",
"id": "CVE-2023-44487"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-10-24T15:55:29",
"db": "PACKETSTORM",
"id": "175298"
},
{
"date": "2023-10-23T14:26:48",
"db": "PACKETSTORM",
"id": "175273"
},
{
"date": "2023-10-30T12:35:28",
"db": "PACKETSTORM",
"id": "175390"
},
{
"date": "2023-10-25T13:48:01",
"db": "PACKETSTORM",
"id": "175330"
},
{
"date": "2023-10-25T13:46:22",
"db": "PACKETSTORM",
"id": "175325"
},
{
"date": "2023-12-04T13:45:34",
"db": "PACKETSTORM",
"id": "176035"
},
{
"date": "2023-10-11T16:46:58",
"db": "PACKETSTORM",
"id": "175070"
},
{
"date": "2023-10-20T14:32:43",
"db": "PACKETSTORM",
"id": "175231"
},
{
"date": "2023-10-18T16:26:02",
"db": "PACKETSTORM",
"id": "175172"
},
{
"date": "2023-11-29T12:44:32",
"db": "PACKETSTORM",
"id": "175970"
},
{
"date": "2023-10-10T14:15:10.883000",
"db": "NVD",
"id": "CVE-2023-44487"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-11-07T19:00:41.810000",
"db": "NVD",
"id": "CVE-2023-44487"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "175330"
}
],
"trust": 0.1
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat Security Advisory 2023-6048-01",
"sources": [
{
"db": "PACKETSTORM",
"id": "175298"
}
],
"trust": 0.1
}
}
VAR-202107-1585
Vulnerability from variot - Updated: 2024-08-14 12:08For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. This is a variation of the vulnerability reported in CVE-2021-28164/GHSA-v7ff-8wcx-gmc5. Eclipse Jetty Contains an improper authentication vulnerability.Information may be obtained. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Eclipse Jetty is an open source, Java-based Web server and Java Servlet container from the Eclipse Foundation. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: Red Hat AMQ Broker 7.9.0 release and security update Advisory ID: RHSA-2021:3700-01 Product: Red Hat JBoss AMQ Advisory URL: https://access.redhat.com/errata/RHSA-2021:3700 Issue date: 2021-09-30 Keywords: amq,messaging,integration,broker CVE Names: CVE-2020-13956 CVE-2020-27223 CVE-2021-3425 CVE-2021-3763 CVE-2021-20289 CVE-2021-21290 CVE-2021-21295 CVE-2021-21409 CVE-2021-28163 CVE-2021-28164 CVE-2021-28165 CVE-2021-28169 CVE-2021-29425 CVE-2021-34428 CVE-2021-34429 =====================================================================
- Summary:
Red Hat AMQ Broker 7.9.0 is now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Description:
AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms.
This release of Red Hat AMQ Broker 7.9.0 serves as a replacement for Red Hat AMQ Broker 7.8.2, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
Security Fix(es):
-
httpclient: apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956)
-
jetty: request containing multiple Accept headers with a large number of "quality" parameters may lead to DoS (CVE-2020-27223)
-
resteasy-jaxrs: resteasy: Error message exposes endpoint class information (CVE-2021-20289)
-
netty: Information disclosure via the local system temporary directory (CVE-2021-21290)
-
netty: possible request smuggling in HTTP/2 due missing validation (CVE-2021-21295)
-
netty: Request smuggling via content-length header (CVE-2021-21409)
-
jetty-server: jetty: Symlink directory exposes webapp directory contents (CVE-2021-28163)
-
jetty-server: jetty: Ambiguous paths can access WEB-INF (CVE-2021-28164)
-
jetty-server: jetty: Resource exhaustion when receiving an invalid large TLS frame (CVE-2021-28165)
-
jetty-server: jetty: requests to the ConcatServlet and WelcomeFilter are able to access protected resources within the WEB-INF directory (CVE-2021-28169)
-
commons-io: apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6 (CVE-2021-29425)
-
broker: Red Hat AMQ Broker: discloses JDBC username and password in the application log file (CVE-2021-3425)
-
jetty-server: jetty: SessionListener can prevent a session from being invalidated breaking logout (CVE-2021-34428)
-
jetty-server: jetty: crafted URIs allow bypassing security constraints (CVE-2021-34429)
-
broker: AMQ Broker 7: Incorrect privilege in Management Console (CVE-2021-3763)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
The References section of this erratum contains a download link (you must log in to download the update).
- Bugs fixed (https://bugzilla.redhat.com/):
1886587 - CVE-2020-13956 apache-httpclient: incorrect handling of malformed authority component in request URIs 1927028 - CVE-2021-21290 netty: Information disclosure via the local system temporary directory 1934116 - CVE-2020-27223 jetty: request containing multiple Accept headers with a large number of "quality" parameters may lead to DoS 1935927 - CVE-2021-20289 resteasy: Error message exposes endpoint class information 1936629 - CVE-2021-3425 Red Hat AMQ Broker: discloses JDBC username and password in the application log file 1937364 - CVE-2021-21295 netty: possible request smuggling in HTTP/2 due missing validation 1944888 - CVE-2021-21409 netty: Request smuggling via content-length header 1945710 - CVE-2021-28163 jetty: Symlink directory exposes webapp directory contents 1945712 - CVE-2021-28164 jetty: Ambiguous paths can access WEB-INF 1945714 - CVE-2021-28165 jetty: Resource exhaustion when receiving an invalid large TLS frame 1948752 - CVE-2021-29425 apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6 1971016 - CVE-2021-28169 jetty: requests to the ConcatServlet and WelcomeFilter are able to access protected resources within the WEB-INF directory 1974891 - CVE-2021-34428 jetty: SessionListener can prevent a session from being invalidated breaking logout 1985223 - CVE-2021-34429 jetty: crafted URIs allow bypassing security constraints 2000654 - CVE-2021-3763 AMQ Broker 7: Incorrect privilege in Management Console
- References:
https://access.redhat.com/security/cve/CVE-2020-13956 https://access.redhat.com/security/cve/CVE-2020-27223 https://access.redhat.com/security/cve/CVE-2021-3425 https://access.redhat.com/security/cve/CVE-2021-3763 https://access.redhat.com/security/cve/CVE-2021-20289 https://access.redhat.com/security/cve/CVE-2021-21290 https://access.redhat.com/security/cve/CVE-2021-21295 https://access.redhat.com/security/cve/CVE-2021-21409 https://access.redhat.com/security/cve/CVE-2021-28163 https://access.redhat.com/security/cve/CVE-2021-28164 https://access.redhat.com/security/cve/CVE-2021-28165 https://access.redhat.com/security/cve/CVE-2021-28169 https://access.redhat.com/security/cve/CVE-2021-29425 https://access.redhat.com/security/cve/CVE-2021-34428 https://access.redhat.com/security/cve/CVE-2021-34429 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=jboss.amq.broker&version=7.9.0 https://access.redhat.com/documentation/en-us/red_hat_amq/2021.q4
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYVWKK9zjgjWX9erEAQiu0A/+NJe1AtB06jaucFaOVo6/q4A3geYdiNfX aU44bpkaYfOHdYkd2Ec59L3ImNIUCYMxUZIWhNfyUwMKAGxRnj2Q0tzm3O6ZCwcL 3DIVXlJHfrQHN8rZ38rG0bi4l4OnnSV1y2kskqkOITFcv6N0MmyQ8+rzG/m5VHC6 c9IBl0zXGZs+8sXDsXzN7tabdieUmke1FyR1SV/YsR9rnnm1cZJcfJqJcKWeKD0v GMvKjgq6VImt8xAZbaOHWzV3+PfinisPh7XYRabE87EAyMFmy5jWclZrg8UhsaYX DEV2+wis3jgANdAgvNox/7camxSciogKKSTxc8ZTPaok33GeudET5pmVbac9sQsc e/jrTvN+AnHMtGoQQwAHPQH3DMjomzd1vmjV4aI6UfearT0GlkLLMVcn6wp2OQ7w d+yh2QnDGXUHLYCkAcvNVklL8ZGlhxgV9zdhoYVSdiZPXAQNvfCDgNilzMaJKXmF k2sR0BB3wnSG7//dUTbNTbBQw8JpuYesDpUC+JYMWErnFak9MGj0Q+ISfxYE9vC5 LSiCsqNHibsGcA5XpVVvO4q/LM6mwhCozD4WXrCw3xl4n4EWWiTQceF+yYSRtsmn pWcWk56HHAlr5Qs9jRuW90pzyf8X/T9rEmugb62Z7SGSUH/A4xJxLpZJHb4q/whu hBENV2qm+t4= =l+R3 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Description:
Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency.
Security Fix(es):
-
jetty: crafted URIs allow bypassing security constraints (CVE-2021-34429)
-
netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)
-
netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)
-
Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients (CVE-2021-38153)
-
log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bugs fixed (https://bugzilla.redhat.com/):
1985223 - CVE-2021-34429 jetty: crafted URIs allow bypassing security constraints 2004133 - CVE-2021-37136 netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data 2004135 - CVE-2021-37137 netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way 2009041 - CVE-2021-38153 Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients 2035951 - CVE-2021-44832 log4j-core: remote code execution via JDBC Appender
5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202107-1585",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "communications cloud native core security edge protection proxy",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.5.0"
},
{
"model": "e-series santricity os controller",
"scope": "gte",
"trust": 1.0,
"vendor": "netapp",
"version": "11.0"
},
{
"model": "snapcenter plug-in",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "communications diameter signaling router",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.5.0.2"
},
{
"model": "financial services crime and compliance management studio",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.8.2.0"
},
{
"model": "jetty",
"scope": "lt",
"trust": 1.0,
"vendor": "eclipse",
"version": "9.4.43"
},
{
"model": "communications diameter signaling router",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.0.0"
},
{
"model": "solidfire",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "communications cloud native core unified data repository",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.14.0"
},
{
"model": "retail eftlink",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "20.0.1"
},
{
"model": "rest data services",
"scope": "lt",
"trust": 1.0,
"vendor": "oracle",
"version": "22.1.1"
},
{
"model": "jetty",
"scope": "gte",
"trust": 1.0,
"vendor": "eclipse",
"version": "11.0.1"
},
{
"model": "snap creator framework",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "stream analytics",
"scope": "lt",
"trust": 1.0,
"vendor": "oracle",
"version": "19.1.0.0.6.4"
},
{
"model": "jetty",
"scope": "gte",
"trust": 1.0,
"vendor": "eclipse",
"version": "9.4.37"
},
{
"model": "communications cloud native core binding support function",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.10.0"
},
{
"model": "jetty",
"scope": "lt",
"trust": 1.0,
"vendor": "eclipse",
"version": "11.0.6"
},
{
"model": "jetty",
"scope": "gte",
"trust": 1.0,
"vendor": "eclipse",
"version": "10.0.1"
},
{
"model": "e-series santricity os controller",
"scope": "lte",
"trust": 1.0,
"vendor": "netapp",
"version": "11.70.1"
},
{
"model": "communications cloud native core service communication proxy",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.14.0"
},
{
"model": "autovue for agile product lifecycle management",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "21.0.2"
},
{
"model": "stream analytics",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "19c"
},
{
"model": "e-series santricity web services",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "element plug-in for vcenter server",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "hci management node",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "jetty",
"scope": "lt",
"trust": 1.0,
"vendor": "eclipse",
"version": "10.0.6"
},
{
"model": "financial services crime and compliance management studio",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.8.3.0"
},
{
"model": "e-series santricity os controller software",
"scope": null,
"trust": 0.8,
"vendor": "netapp",
"version": null
},
{
"model": "snapcenter plug-in",
"scope": null,
"trust": 0.8,
"vendor": "netapp",
"version": null
},
{
"model": "oracle communications cloud native core binding support function",
"scope": null,
"trust": 0.8,
"vendor": "\u30aa\u30e9\u30af\u30eb",
"version": null
},
{
"model": "oracle communications cloud native core security edge protection proxy",
"scope": null,
"trust": 0.8,
"vendor": "\u30aa\u30e9\u30af\u30eb",
"version": null
},
{
"model": "e-series santricity web services",
"scope": null,
"trust": 0.8,
"vendor": "netapp",
"version": null
},
{
"model": "hci management node",
"scope": null,
"trust": 0.8,
"vendor": "netapp",
"version": null
},
{
"model": "element plug-in for vcenter server",
"scope": null,
"trust": 0.8,
"vendor": "netapp",
"version": null
},
{
"model": "jetty",
"scope": null,
"trust": 0.8,
"vendor": "eclipse",
"version": null
},
{
"model": "solidfire",
"scope": null,
"trust": 0.8,
"vendor": "netapp",
"version": null
},
{
"model": "snap creator framework",
"scope": null,
"trust": 0.8,
"vendor": "netapp",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-009832"
},
{
"db": "NVD",
"id": "CVE-2021-34429"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "164346"
},
{
"db": "PACKETSTORM",
"id": "165564"
}
],
"trust": 0.2
},
"cve": "CVE-2021-34429",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2021-34429",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-394611",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2021-34429",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2021-009832",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-34429",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "emo@eclipse.org",
"id": "CVE-2021-34429",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-34429",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202107-1094",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-394611",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-34429",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-394611"
},
{
"db": "VULMON",
"id": "CVE-2021-34429"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-009832"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-1094"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "NVD",
"id": "CVE-2021-34429"
},
{
"db": "NVD",
"id": "CVE-2021-34429"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 \u0026 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. This is a variation of the vulnerability reported in CVE-2021-28164/GHSA-v7ff-8wcx-gmc5. Eclipse Jetty Contains an improper authentication vulnerability.Information may be obtained. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Eclipse Jetty is an open source, Java-based Web server and Java Servlet container from the Eclipse Foundation. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: Red Hat AMQ Broker 7.9.0 release and security update\nAdvisory ID: RHSA-2021:3700-01\nProduct: Red Hat JBoss AMQ\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:3700\nIssue date: 2021-09-30\nKeywords: amq,messaging,integration,broker\nCVE Names: CVE-2020-13956 CVE-2020-27223 CVE-2021-3425 \n CVE-2021-3763 CVE-2021-20289 CVE-2021-21290 \n CVE-2021-21295 CVE-2021-21409 CVE-2021-28163 \n CVE-2021-28164 CVE-2021-28165 CVE-2021-28169 \n CVE-2021-29425 CVE-2021-34428 CVE-2021-34429 \n=====================================================================\n\n1. Summary:\n\nRed Hat AMQ Broker 7.9.0 is now available from the Red Hat Customer Portal. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Description:\n\nAMQ Broker is a high-performance messaging implementation based on ActiveMQ\nArtemis. It uses an asynchronous journal for fast message persistence, and\nsupports multiple languages, protocols, and platforms. \n\nThis release of Red Hat AMQ Broker 7.9.0 serves as a replacement for Red\nHat AMQ Broker 7.8.2, and includes security and bug fixes, and\nenhancements. For further information, refer to the release notes linked to\nin the References section. \n\nSecurity Fix(es):\n\n* httpclient: apache-httpclient: incorrect handling of malformed authority\ncomponent in request URIs (CVE-2020-13956)\n\n* jetty: request containing multiple Accept headers with a large number of\n\"quality\" parameters may lead to DoS (CVE-2020-27223)\n\n* resteasy-jaxrs: resteasy: Error message exposes endpoint class\ninformation (CVE-2021-20289)\n\n* netty: Information disclosure via the local system temporary directory\n(CVE-2021-21290)\n\n* netty: possible request smuggling in HTTP/2 due missing validation\n(CVE-2021-21295)\n\n* netty: Request smuggling via content-length header (CVE-2021-21409)\n\n* jetty-server: jetty: Symlink directory exposes webapp directory contents\n(CVE-2021-28163)\n\n* jetty-server: jetty: Ambiguous paths can access WEB-INF (CVE-2021-28164)\n\n* jetty-server: jetty: Resource exhaustion when receiving an invalid large\nTLS frame (CVE-2021-28165)\n\n* jetty-server: jetty: requests to the ConcatServlet and WelcomeFilter are\nable to access protected resources within the WEB-INF directory\n(CVE-2021-28169)\n\n* commons-io: apache-commons-io: Limited path traversal in Apache Commons\nIO 2.2 to 2.6 (CVE-2021-29425)\n\n* broker: Red Hat AMQ Broker: discloses JDBC username and password in the\napplication log file (CVE-2021-3425)\n\n* jetty-server: jetty: SessionListener can prevent a session from being\ninvalidated breaking logout (CVE-2021-34428)\n\n* jetty-server: jetty: crafted URIs allow bypassing security constraints\n(CVE-2021-34429)\n\n* broker: AMQ Broker 7: Incorrect privilege in Management Console\n(CVE-2021-3763)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n3. Solution:\n\nBefore applying the update, back up your existing installation, including\nall applications, configuration files, databases and database settings, and\nso on. \n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). \n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n1886587 - CVE-2020-13956 apache-httpclient: incorrect handling of malformed authority component in request URIs\n1927028 - CVE-2021-21290 netty: Information disclosure via the local system temporary directory\n1934116 - CVE-2020-27223 jetty: request containing multiple Accept headers with a large number of \"quality\" parameters may lead to DoS\n1935927 - CVE-2021-20289 resteasy: Error message exposes endpoint class information\n1936629 - CVE-2021-3425 Red Hat AMQ Broker: discloses JDBC username and password in the application log file\n1937364 - CVE-2021-21295 netty: possible request smuggling in HTTP/2 due missing validation\n1944888 - CVE-2021-21409 netty: Request smuggling via content-length header\n1945710 - CVE-2021-28163 jetty: Symlink directory exposes webapp directory contents\n1945712 - CVE-2021-28164 jetty: Ambiguous paths can access WEB-INF\n1945714 - CVE-2021-28165 jetty: Resource exhaustion when receiving an invalid large TLS frame\n1948752 - CVE-2021-29425 apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6\n1971016 - CVE-2021-28169 jetty: requests to the ConcatServlet and WelcomeFilter are able to access protected resources within the WEB-INF directory\n1974891 - CVE-2021-34428 jetty: SessionListener can prevent a session from being invalidated breaking logout\n1985223 - CVE-2021-34429 jetty: crafted URIs allow bypassing security constraints\n2000654 - CVE-2021-3763 AMQ Broker 7: Incorrect privilege in Management Console\n\n5. References:\n\nhttps://access.redhat.com/security/cve/CVE-2020-13956\nhttps://access.redhat.com/security/cve/CVE-2020-27223\nhttps://access.redhat.com/security/cve/CVE-2021-3425\nhttps://access.redhat.com/security/cve/CVE-2021-3763\nhttps://access.redhat.com/security/cve/CVE-2021-20289\nhttps://access.redhat.com/security/cve/CVE-2021-21290\nhttps://access.redhat.com/security/cve/CVE-2021-21295\nhttps://access.redhat.com/security/cve/CVE-2021-21409\nhttps://access.redhat.com/security/cve/CVE-2021-28163\nhttps://access.redhat.com/security/cve/CVE-2021-28164\nhttps://access.redhat.com/security/cve/CVE-2021-28165\nhttps://access.redhat.com/security/cve/CVE-2021-28169\nhttps://access.redhat.com/security/cve/CVE-2021-29425\nhttps://access.redhat.com/security/cve/CVE-2021-34428\nhttps://access.redhat.com/security/cve/CVE-2021-34429\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.broker\u0026version=7.9.0\nhttps://access.redhat.com/documentation/en-us/red_hat_amq/2021.q4\n\n6. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYVWKK9zjgjWX9erEAQiu0A/+NJe1AtB06jaucFaOVo6/q4A3geYdiNfX\naU44bpkaYfOHdYkd2Ec59L3ImNIUCYMxUZIWhNfyUwMKAGxRnj2Q0tzm3O6ZCwcL\n3DIVXlJHfrQHN8rZ38rG0bi4l4OnnSV1y2kskqkOITFcv6N0MmyQ8+rzG/m5VHC6\nc9IBl0zXGZs+8sXDsXzN7tabdieUmke1FyR1SV/YsR9rnnm1cZJcfJqJcKWeKD0v\nGMvKjgq6VImt8xAZbaOHWzV3+PfinisPh7XYRabE87EAyMFmy5jWclZrg8UhsaYX\nDEV2+wis3jgANdAgvNox/7camxSciogKKSTxc8ZTPaok33GeudET5pmVbac9sQsc\ne/jrTvN+AnHMtGoQQwAHPQH3DMjomzd1vmjV4aI6UfearT0GlkLLMVcn6wp2OQ7w\nd+yh2QnDGXUHLYCkAcvNVklL8ZGlhxgV9zdhoYVSdiZPXAQNvfCDgNilzMaJKXmF\nk2sR0BB3wnSG7//dUTbNTbBQw8JpuYesDpUC+JYMWErnFak9MGj0Q+ISfxYE9vC5\nLSiCsqNHibsGcA5XpVVvO4q/LM6mwhCozD4WXrCw3xl4n4EWWiTQceF+yYSRtsmn\npWcWk56HHAlr5Qs9jRuW90pzyf8X/T9rEmugb62Z7SGSUH/A4xJxLpZJHb4q/whu\nhBENV2qm+t4=\n=l+R3\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. Description:\n\nRed Hat AMQ Streams, based on the Apache Kafka project, offers a\ndistributed backbone that allows microservices and other applications to\nshare data with extremely high throughput and extremely low latency. \n\nSecurity Fix(es):\n\n* jetty: crafted URIs allow bypassing security constraints (CVE-2021-34429)\n\n* netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for\ndecompressed data (CVE-2021-37136)\n\n* netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may\nbuffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\n* Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients\n(CVE-2021-38153)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. Bugs fixed (https://bugzilla.redhat.com/):\n\n1985223 - CVE-2021-34429 jetty: crafted URIs allow bypassing security constraints\n2004133 - CVE-2021-37136 netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data\n2004135 - CVE-2021-37137 netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way\n2009041 - CVE-2021-38153 Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients\n2035951 - CVE-2021-44832 log4j-core: remote code execution via JDBC Appender\n\n5",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-34429"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-009832"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "VULHUB",
"id": "VHN-394611"
},
{
"db": "VULMON",
"id": "CVE-2021-34429"
},
{
"db": "PACKETSTORM",
"id": "164346"
},
{
"db": "PACKETSTORM",
"id": "165564"
}
],
"trust": 2.52
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-394611",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-394611"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-34429",
"trust": 3.6
},
{
"db": "PACKETSTORM",
"id": "165564",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-009832",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202107-1094",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "50478",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "164346",
"trust": 0.7
},
{
"db": "CS-HELP",
"id": "SB2022012750",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022072013",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022042520",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021093016",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022072091",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022060717",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.3256",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2879",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.4174",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.0195",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.3156",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021041363",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-394611",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2021-34429",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-394611"
},
{
"db": "VULMON",
"id": "CVE-2021-34429"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-009832"
},
{
"db": "PACKETSTORM",
"id": "164346"
},
{
"db": "PACKETSTORM",
"id": "165564"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-1094"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "NVD",
"id": "CVE-2021-34429"
}
]
},
"id": "VAR-202107-1585",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-394611"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:08:34.292000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Oracle\u00a0Critical\u00a0Patch\u00a0Update\u00a0Advisory\u00a0-\u00a0April\u00a02022 Oracle\u00a0Critical\u00a0Patch\u00a0Update",
"trust": 0.8,
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-vjv5-gp2w-65vm"
},
{
"title": "Eclipse Jetty Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=158187"
},
{
"title": "Debian CVElist Bug Report Logs: jetty9: CVE-2021-34429",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=958d7f11470eb2595bad01a01f3abf85"
},
{
"title": "Red Hat: CVE-2021-34429",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2021-34429"
},
{
"title": "CVE-2021-34429",
"trust": 0.1,
"url": "https://github.com/ColdFusionX/CVE-2021-34429 "
},
{
"title": "JETTY CVE-2021-34429",
"trust": 0.1,
"url": "https://github.com/cwh945/JETTY-POC "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-34429"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-009832"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-1094"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.0
},
{
"problemtype": "CWE-551",
"trust": 1.0
},
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "Bad authentication (CWE-863) [NVD Evaluation ]",
"trust": 0.8
},
{
"problemtype": "CWE-863",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-394611"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-009832"
},
{
"db": "NVD",
"id": "CVE-2021-34429"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"trust": 1.7,
"url": "https://github.com/eclipse/jetty.project/security/advisories/ghsa-vjv5-gp2w-65vm"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20210819-0006/"
},
{
"trust": 1.7,
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"trust": 1.7,
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-34429"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r029c0c6833c8bb6acb094733fd7b75029d633f47a92f1c9d14391fc0%40%3cnotifications.zookeeper.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r02f940c27e997a277ff14e79e84551382e1081e8978b417e0c2b0857%40%3ccommits.kafka.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r0626f279ebf65506110a897e3a57ccd4072803ee5434b2503e070398%40%3ccommits.zookeeper.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r2a3ea27cca2ac7352d392b023b72e824387bc9ff16ba245ec663bdc6%40%3cissues.zookeeper.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r2e32390cb7aedb39069e5b18aa130ca53e766258518faee63c31d3ea%40%3cnotifications.zookeeper.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r3aefe613abce594c71ace50088d2529bbde65d08b8e7ff2c2723aaa1%40%3cdev.santuario.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r3c55b0baa4dc38958ae147b2f216e212605f1071297f845e14477d36%40%3cissues.zookeeper.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r44ea39ca8110de7353bfec88f58aa3aa58a42bb324b8772512ee190c%40%3ccommits.zookeeper.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r46900f74dbb7d168aeac43bf0e7f64825376bb7eb74d31a5b33344ce%40%3cjira.kafka.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r46f748c1dc9cf9b6c1c18f6b5bfc3a869907f68f72e17666f2f30f24%40%3cnotifications.zookeeper.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r4727d282b5c2d951057845a46065d59f6e33132edc0a14f41c26b01e%40%3cdev.kafka.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r48a93f2bc025acd7c7e341ed3864bfdeb75f0c768d41bc247e1a1f63%40%3cnotifications.zookeeper.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r5678d994d4dd8e7c838eed3bbc1a83a7f6bc62724b0cce67e8892a45%40%3cnotifications.zookeeper.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r679d96f981d4c92724090ed2d5e8565a1d655a72bb315550489f052e%40%3cjira.kafka.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r6e6f50c1ce1fb592cb43e913f5be23df104d50751465f8f1952ace0c%40%3cjira.kafka.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r721ab6a5fa8d45bec76714b674f5d4caed2ebfeca69ad1d6d4caae6c%40%3cdev.hbase.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r74fdc446df551fe89a0a16957a1bfdaad19380e0c1afd30625685a9c%40%3cjira.kafka.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r756443e9d50af7e8c3df82e2c45105f452c8e8195ddbc0c00f58d5fe%40%3ccommits.kafka.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r763840320a80e515331cbc1e613fa93f25faf62e991974171a325c82%40%3cdev.zookeeper.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r7dd079fa0ac6f47ba1ad0af98d7d0276547b8a4e005f034fb1016951%40%3cissues.zookeeper.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r833a4c8bdbbfeb8a2cd38238e7b59f83edd5c1a0e508b587fc551a46%40%3cissues.hbase.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r8e6c116628c1277c3cf132012a66c46a0863fa2a3037c0707d4640d4%40%3cissues.zookeeper.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r90e7b4c42a96d74c219e448bee6a329ab0cd3205c44b63471d96c3ab%40%3cissues.zookeeper.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9d245c6c884bbc804a472116d730c1a01676bf24f93206a34923fc64%40%3ccommits.kafka.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9e6158d72ef25077c2dc59fbddade2eacf7d259a2556c97a989f2fe8%40%3ccommits.pulsar.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rb33d65c3e5686f2e3b9bb8a032a44163b2f2ad9d31a8727338f213c1%40%3ccommits.pulsar.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rc26807be68748b3347decdcd03ae183622244b0b4cb09223d4b7e500%40%3ccommits.pulsar.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rcb157f55b9ae41b3076801de927c6fca1669c6d8eaf11a9df5dbeb46%40%3cnotifications.zookeeper.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rcea249eb7a0d243f21696e4985de33f3780399bf7b31ea1f6d489b8b%40%3cissues.zookeeper.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/re01890eef49d4201018f2c97e26536e3e75f441ecdbcf91986c3bc17%40%3cjira.kafka.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/re3de01414ccf682fe0951205f806dd8e94440798fd64c55a4941de3e%40%3cjira.kafka.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/re5e9bb535db779506013ef8799dc2a299e77cdad6668aa94c456dba6%40%3cjira.kafka.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/re850203ef8700cb826534dd4a1cb9f5b07bb8f6f973b39ff7838d3ba%40%3cissues.hbase.apache.org%3e"
},
{
"trust": 0.8,
"url": "https://lists.apache.org/thread/t2ypp3t3v7n1p12h4yclp8fopf7dmryb"
},
{
"trust": 0.8,
"url": "https://lists.apache.org/thread/x07thv8bylkgxpqkmp2wvrj1po2dm8mq"
},
{
"trust": 0.8,
"url": "https://lists.apache.org/thread/lyt8zcojbszzo2xnyzkm695rh6w26mb8"
},
{
"trust": 0.8,
"url": "https://lists.apache.org/thread/0w67910oxj7t53c0ql56h7744jkzvgxf"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r721ab6a5fa8d45bec76714b674f5d4caed2ebfeca69ad1d6d4caae6c@%3cdev.hbase.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/re850203ef8700cb826534dd4a1cb9f5b07bb8f6f973b39ff7838d3ba@%3cissues.hbase.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r833a4c8bdbbfeb8a2cd38238e7b59f83edd5c1a0e508b587fc551a46@%3cissues.hbase.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r9d245c6c884bbc804a472116d730c1a01676bf24f93206a34923fc64@%3ccommits.kafka.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r02f940c27e997a277ff14e79e84551382e1081e8978b417e0c2b0857@%3ccommits.kafka.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r756443e9d50af7e8c3df82e2c45105f452c8e8195ddbc0c00f58d5fe@%3ccommits.kafka.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r4727d282b5c2d951057845a46065d59f6e33132edc0a14f41c26b01e@%3cdev.kafka.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r46900f74dbb7d168aeac43bf0e7f64825376bb7eb74d31a5b33344ce@%3cjira.kafka.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r679d96f981d4c92724090ed2d5e8565a1d655a72bb315550489f052e@%3cjira.kafka.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/re01890eef49d4201018f2c97e26536e3e75f441ecdbcf91986c3bc17@%3cjira.kafka.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/re5e9bb535db779506013ef8799dc2a299e77cdad6668aa94c456dba6@%3cjira.kafka.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r6e6f50c1ce1fb592cb43e913f5be23df104d50751465f8f1952ace0c@%3cjira.kafka.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/re3de01414ccf682fe0951205f806dd8e94440798fd64c55a4941de3e@%3cjira.kafka.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r74fdc446df551fe89a0a16957a1bfdaad19380e0c1afd30625685a9c@%3cjira.kafka.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r9e6158d72ef25077c2dc59fbddade2eacf7d259a2556c97a989f2fe8@%3ccommits.pulsar.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/rc26807be68748b3347decdcd03ae183622244b0b4cb09223d4b7e500@%3ccommits.pulsar.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/rb33d65c3e5686f2e3b9bb8a032a44163b2f2ad9d31a8727338f213c1@%3ccommits.pulsar.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r3aefe613abce594c71ace50088d2529bbde65d08b8e7ff2c2723aaa1@%3cdev.santuario.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r44ea39ca8110de7353bfec88f58aa3aa58a42bb324b8772512ee190c@%3ccommits.zookeeper.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r0626f279ebf65506110a897e3a57ccd4072803ee5434b2503e070398@%3ccommits.zookeeper.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r763840320a80e515331cbc1e613fa93f25faf62e991974171a325c82@%3cdev.zookeeper.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r90e7b4c42a96d74c219e448bee6a329ab0cd3205c44b63471d96c3ab@%3cissues.zookeeper.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r7dd079fa0ac6f47ba1ad0af98d7d0276547b8a4e005f034fb1016951@%3cissues.zookeeper.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r2a3ea27cca2ac7352d392b023b72e824387bc9ff16ba245ec663bdc6@%3cissues.zookeeper.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r8e6c116628c1277c3cf132012a66c46a0863fa2a3037c0707d4640d4@%3cissues.zookeeper.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/rcea249eb7a0d243f21696e4985de33f3780399bf7b31ea1f6d489b8b@%3cissues.zookeeper.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r3c55b0baa4dc38958ae147b2f216e212605f1071297f845e14477d36@%3cissues.zookeeper.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r46f748c1dc9cf9b6c1c18f6b5bfc3a869907f68f72e17666f2f30f24@%3cnotifications.zookeeper.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r029c0c6833c8bb6acb094733fd7b75029d633f47a92f1c9d14391fc0@%3cnotifications.zookeeper.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r2e32390cb7aedb39069e5b18aa130ca53e766258518faee63c31d3ea@%3cnotifications.zookeeper.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r5678d994d4dd8e7c838eed3bbc1a83a7f6bc62724b0cce67e8892a45@%3cnotifications.zookeeper.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/rcb157f55b9ae41b3076801de927c6fca1669c6d8eaf11a9df5dbeb46@%3cnotifications.zookeeper.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r48a93f2bc025acd7c7e341ed3864bfdeb75f0c768d41bc247e1a1f63@%3cnotifications.zookeeper.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/165564/red-hat-security-advisory-2022-0138-06.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022072013"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0195"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022060717"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/164346/red-hat-security-advisory-2021-3700-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022042520"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/6527232"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022072091"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021093016"
},
{
"trust": 0.6,
"url": "https://www.exploit-db.com/exploits/50478"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2879"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.4174"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/eclipse-jetty-information-disclosure-via-web-inf-directory-access-35918"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.3256"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.3156"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022012750"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-34429"
},
{
"trust": 0.2,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:3700"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_amq/2021.q4"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-28163"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-27223"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-28165"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-28164"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-29425"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-20289"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-34428"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3425"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-21295"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-21290"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-28169"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-29425"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-21295"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=jboss.amq.broker\u0026version=7.9.0"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-21409"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-28163"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-21409"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-27223"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3425"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-13956"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3763"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-34428"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3763"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-28164"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13956"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-21290"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-28169"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20289"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-28165"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-37136"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-44832"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-37137"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-37137"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-44832"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-37136"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-38153"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=jboss.amq.streams\u0026version=2.0.0"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:0138"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-38153"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-394611"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-009832"
},
{
"db": "PACKETSTORM",
"id": "164346"
},
{
"db": "PACKETSTORM",
"id": "165564"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-1094"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "NVD",
"id": "CVE-2021-34429"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-394611"
},
{
"db": "VULMON",
"id": "CVE-2021-34429"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-009832"
},
{
"db": "PACKETSTORM",
"id": "164346"
},
{
"db": "PACKETSTORM",
"id": "165564"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-1094"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "NVD",
"id": "CVE-2021-34429"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-15T00:00:00",
"db": "VULHUB",
"id": "VHN-394611"
},
{
"date": "2021-07-15T00:00:00",
"db": "VULMON",
"id": "CVE-2021-34429"
},
{
"date": "2022-05-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-009832"
},
{
"date": "2021-09-30T16:39:42",
"db": "PACKETSTORM",
"id": "164346"
},
{
"date": "2022-01-14T15:29:02",
"db": "PACKETSTORM",
"id": "165564"
},
{
"date": "2021-07-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202107-1094"
},
{
"date": "2021-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-07-15T17:15:08.637000",
"db": "NVD",
"id": "CVE-2021-34429"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-27T00:00:00",
"db": "VULHUB",
"id": "VHN-394611"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2021-34429"
},
{
"date": "2022-05-31T08:12:00",
"db": "JVNDB",
"id": "JVNDB-2021-009832"
},
{
"date": "2022-10-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202107-1094"
},
{
"date": "2021-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2023-11-07T03:35:59.680000",
"db": "NVD",
"id": "CVE-2021-34429"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202107-1094"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Eclipse\u00a0Jetty\u00a0 Authentication Vulnerability in Microsoft",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-009832"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202107-1094"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
}
],
"trust": 1.2
}
}
CVE-2025-1948 (GCVE-0-2025-1948)
Vulnerability from nvd – Published: 2025-05-08 17:48 – Updated: 2025-05-08 18:31
VLAI?
Title
Eclipse Jetty HTTP clients can increase memory allocation
Summary
In Eclipse Jetty versions 12.0.0 to 12.0.16 included, an HTTP/2 client can specify a very large value for the HTTP/2 settings parameter SETTINGS_MAX_HEADER_LIST_SIZE.
The Jetty HTTP/2 server does not perform validation on this setting, and tries to allocate a ByteBuffer of the specified capacity to encode HTTP responses, likely resulting in OutOfMemoryError being thrown, or even the JVM process exiting.
Severity ?
7.5 (High)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Eclipse Foundation | Jetty |
Affected:
12.0.0 , ≤ 12.0.16
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1948",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T18:31:29.735282Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-08T18:31:44.196Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Jetty",
"vendor": "Eclipse Foundation",
"versions": [
{
"lessThanOrEqual": "12.0.16",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Eclipse Jetty versions 12.0.0 to 12.0.16 included, an HTTP/2 client can specify a very large value for the HTTP/2 settings parameter SETTINGS_MAX_HEADER_LIST_SIZE.\nThe Jetty HTTP/2 server does not perform validation on this setting, and tries to allocate a ByteBuffer of the specified capacity to encode HTTP responses, likely resulting in OutOfMemoryError being thrown, or even the JVM process exiting."
}
],
"value": "In Eclipse Jetty versions 12.0.0 to 12.0.16 included, an HTTP/2 client can specify a very large value for the HTTP/2 settings parameter SETTINGS_MAX_HEADER_LIST_SIZE.\nThe Jetty HTTP/2 server does not perform validation on this setting, and tries to allocate a ByteBuffer of the specified capacity to encode HTTP responses, likely resulting in OutOfMemoryError being thrown, or even the JVM process exiting."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-08T17:48:40.831Z",
"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"shortName": "eclipse"
},
"references": [
{
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/56"
},
{
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-889j-63jv-qhr8"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Eclipse Jetty HTTP clients can increase memory allocation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"assignerShortName": "eclipse",
"cveId": "CVE-2025-1948",
"datePublished": "2025-05-08T17:48:40.831Z",
"dateReserved": "2025-03-04T13:55:56.722Z",
"dateUpdated": "2025-05-08T18:31:44.196Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13009 (GCVE-0-2024-13009)
Vulnerability from nvd – Published: 2025-05-08 17:29 – Updated: 2025-05-08 18:56 Unsupported When Assigned
VLAI?
Title
Eclipse Jetty GZIP buffer release
Summary
In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request
body. This can result in corrupted and/or inadvertent sharing of data between requests.
Severity ?
7.2 (High)
CWE
- CWE-404 - Improper Resource Shutdown or Release
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Eclipse Foundation | Jetty |
Affected:
9.4.0 , ≤ 9.4.56
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13009",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T18:55:32.278977Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-08T18:56:39.446Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Jetty",
"vendor": "Eclipse Foundation",
"versions": [
{
"lessThanOrEqual": "9.4.56",
"status": "affected",
"version": "9.4.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request\nbody. This can result in corrupted and/or inadvertent sharing of data between requests."
}
],
"value": "In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request\nbody. This can result in corrupted and/or inadvertent sharing of data between requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "CWE-404 Improper Resource Shutdown or Release",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-08T17:29:31.380Z",
"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"shortName": "eclipse"
},
"references": [
{
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/48"
},
{
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-q4rv-gq96-w7c5"
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"unsupported-when-assigned"
],
"title": "Eclipse Jetty GZIP buffer release",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"assignerShortName": "eclipse",
"cveId": "CVE-2024-13009",
"datePublished": "2025-05-08T17:29:31.380Z",
"dateReserved": "2024-12-28T09:11:12.587Z",
"dateUpdated": "2025-05-08T18:56:39.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8184 (GCVE-0-2024-8184)
Vulnerability from nvd – Published: 2024-10-14 15:09 – Updated: 2025-11-03 19:34
VLAI?
Title
Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks
Summary
There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory.
Severity ?
5.9 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Eclipse Foundation | Jetty |
Affected:
9.3.12 , ≤ 9.4.55
(semver)
Affected: 10.0.0 , ≤ 10.0.23 (semver) Affected: 11.0.0 , ≤ 11.0.23 (semver) Affected: 12.0.0 , ≤ 12.0.8 (semver) |
Credits
https://github.com/HRsGIT
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8184",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T17:41:50.744158Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T17:42:01.168Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:34:56.811Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://repo.maven.apache.org/maven2/",
"defaultStatus": "unaffected",
"modules": [
"jetty-server"
],
"packageName": "org.eclipse.jetty:jetty-server",
"product": "Jetty",
"repo": "https://github.com/jetty/jetty.project",
"vendor": "Eclipse Foundation",
"versions": [
{
"lessThanOrEqual": "9.4.55",
"status": "affected",
"version": "9.3.12",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.0.23",
"status": "affected",
"version": "10.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "11.0.23",
"status": "affected",
"version": "11.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "12.0.8",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "https://github.com/HRsGIT"
}
],
"datePublic": "2024-10-14T03:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There exists a security vulnerability in Jetty\u0027s \u003ccode\u003eThreadLimitHandler.getRemote()\u003c/code\u003e which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory.\u003cbr\u003e"
}
],
"value": "There exists a security vulnerability in Jetty\u0027s ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-14T15:30:02.698Z",
"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"shortName": "eclipse"
},
"references": [
{
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq"
},
{
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30"
},
{
"url": "https://github.com/jetty/jetty.project/pull/11723"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Do not use \u003ccode\u003eThreadLimitHandler\u003c/code\u003e.\u003cbr\u003e\nConsider use of \u003ccode\u003eQoSHandler\u003c/code\u003e instead to artificially limit resource utilization.\u003cbr\u003e"
}
],
"value": "Do not use ThreadLimitHandler.\n\nConsider use of QoSHandler instead to artificially limit resource utilization."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"assignerShortName": "eclipse",
"cveId": "CVE-2024-8184",
"datePublished": "2024-10-14T15:09:37.861Z",
"dateReserved": "2024-08-26T15:58:44.006Z",
"dateUpdated": "2025-11-03T19:34:56.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-6763 (GCVE-0-2024-6763)
Vulnerability from nvd – Published: 2024-10-14 15:06 – Updated: 2025-03-07 00:10
VLAI?
Title
Jetty URI parsing of invalid authority
Summary
Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing.
The HttpURI class does insufficient validation on the authority segment of a URI. However the behaviour of HttpURI
differs from the common browsers in how it handles a URI that would be
considered invalid if fully validated against the RRC. Specifically HttpURI
and the browser may differ on the value of the host extracted from an
invalid URI and thus a combination of Jetty and a vulnerable browser may
be vulnerable to a open redirect attack or to a SSRF attack if the URI
is used after passing validation checks.
Severity ?
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Eclipse Foundation | Jetty |
Affected:
7.0.0 , ≤ 12.0.11
(semver)
|
Credits
https://github.com/zer0yu
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "jetty",
"vendor": "eclipse",
"versions": [
{
"lessThanOrEqual": "12.0.11",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6763",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T17:44:14.448650Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T17:45:35.771Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-03-07T00:10:46.301Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20250306-0005/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://repo.maven.apache.org/maven2/",
"defaultStatus": "unaffected",
"modules": [
"jetty-http"
],
"packageName": "org.eclipse.jetty:jetty-http",
"product": "Jetty",
"repo": "https://github.com/jetty/jetty.project",
"vendor": "Eclipse Foundation",
"versions": [
{
"lessThanOrEqual": "12.0.11",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "https://github.com/zer0yu"
}
],
"datePublic": "2024-10-14T15:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eEclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, \u003ccode\u003eHttpURI\u003c/code\u003e, for URI/URL parsing.\u003c/p\u003e\u003cp\u003eThe \u003ccode\u003eHttpURI\u003c/code\u003e class does insufficient validation on the authority segment of a URI. However the behaviour of \u003ccode\u003eHttpURI\u003c/code\u003e\n differs from the common browsers in how it handles a URI that would be \nconsidered invalid if fully validated against the RRC. Specifically \u003ccode\u003eHttpURI\u003c/code\u003e\n and the browser may differ on the value of the host extracted from an \ninvalid URI and thus a combination of Jetty and a vulnerable browser may\n be vulnerable to a open redirect attack or to a SSRF attack if the URI \nis used after passing validation checks.\u003c/p\u003e"
}
],
"value": "Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing.\n\nThe HttpURI class does insufficient validation on the authority segment of a URI. However the behaviour of HttpURI\n differs from the common browsers in how it handles a URI that would be \nconsidered invalid if fully validated against the RRC. Specifically HttpURI\n and the browser may differ on the value of the host extracted from an \ninvalid URI and thus a combination of Jetty and a vulnerable browser may\n be vulnerable to a open redirect attack or to a SSRF attack if the URI \nis used after passing validation checks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1286",
"description": "CWE-1286",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-14T15:30:38.815Z",
"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"shortName": "eclipse"
},
"references": [
{
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-qh8g-58pp-2wxh"
},
{
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/25"
},
{
"url": "https://github.com/jetty/jetty.project/pull/12012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Jetty URI parsing of invalid authority",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe attacks outlined above rely on decoded user data being passed to the \u003ccode\u003eHttpURI\u003c/code\u003e class. Application should not pass decoded user data as an encoded URI to any URI class/method, including \u003ccode\u003eHttpURI\u003c/code\u003e. Such applications are likely to be vulnerable in other ways.\u003cbr\u003e\nThe immediate solution is to upgrade to a version of the class that will\n fully validate the characters of the URI authority. Ultimately, Jetty \nwill deprecate and remove support for user info in the authority per \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://datatracker.ietf.org/doc/html/rfc9110#section-4.2.4\"\u003eRFC9110 Section 4.2.4\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eNote that the Chrome (and other browsers) parse the \ninvalid user info section improperly as well (due to flawed WhatWG URL \nparsing rules that do not apply outside of a Web Browser).\u003c/p\u003e"
}
],
"value": "The attacks outlined above rely on decoded user data being passed to the HttpURI class. Application should not pass decoded user data as an encoded URI to any URI class/method, including HttpURI. Such applications are likely to be vulnerable in other ways.\n\nThe immediate solution is to upgrade to a version of the class that will\n fully validate the characters of the URI authority. Ultimately, Jetty \nwill deprecate and remove support for user info in the authority per RFC9110 Section 4.2.4 https://datatracker.ietf.org/doc/html/rfc9110#section-4.2.4 .\n\n\nNote that the Chrome (and other browsers) parse the \ninvalid user info section improperly as well (due to flawed WhatWG URL \nparsing rules that do not apply outside of a Web Browser)."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"assignerShortName": "eclipse",
"cveId": "CVE-2024-6763",
"datePublished": "2024-10-14T15:06:07.298Z",
"dateReserved": "2024-07-15T17:37:53.605Z",
"dateUpdated": "2025-03-07T00:10:46.301Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6762 (GCVE-0-2024-6762)
Vulnerability from nvd – Published: 2024-10-14 15:07 – Updated: 2025-11-03 19:34
VLAI?
Title
Jetty PushSessionCacheFilter can cause remote DoS attacks
Summary
Jetty PushSessionCacheFilter can be exploited by unauthenticated users
to launch remote DoS attacks by exhausting the server’s memory.
Severity ?
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Eclipse Foundation | Jetty |
Affected:
10.0.0 , ≤ 10.0.17
(semver)
Affected: 11.0.0 , ≤ 11.0.17 (semver) Affected: 12.0.0 , ≤ 12.0.3 (semver) |
Credits
Lian Kee
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6762",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T17:42:42.629742Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T17:42:50.434Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:34:37.967Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://repo.maven.apache.org/maven2/",
"defaultStatus": "unaffected",
"modules": [
"jetty-servlets"
],
"packageName": "org.eclipse.jetty:jetty-servlets",
"product": "Jetty",
"repo": "https://github.com/jetty/jetty.project",
"vendor": "Eclipse Foundation",
"versions": [
{
"lessThanOrEqual": "10.0.17",
"status": "affected",
"version": "10.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "11.0.17",
"status": "affected",
"version": "11.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "12.0.3",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lian Kee"
}
],
"datePublic": "2024-10-14T15:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eJetty PushSessionCacheFilter can be exploited by unauthenticated users \nto launch remote DoS attacks by exhausting the server\u2019s memory.\u003c/div\u003e\u003cbr\u003e"
}
],
"value": "Jetty PushSessionCacheFilter can be exploited by unauthenticated users \nto launch remote DoS attacks by exhausting the server\u2019s memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-14T15:07:10.942Z",
"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"shortName": "eclipse"
},
"references": [
{
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-r7m4-f9h5-gr79"
},
{
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/24"
},
{
"url": "https://github.com/jetty/jetty.project/pull/9715"
},
{
"url": "https://github.com/jetty/jetty.project/pull/9716"
},
{
"url": "https://github.com/jetty/jetty.project/pull/10756"
},
{
"url": "https://github.com/jetty/jetty.project/pull/10755"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Jetty PushSessionCacheFilter can cause remote DoS attacks",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe session usage is intrinsic to the design of the PushCacheFilter. The issue can be avoided by:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003enot using the PushCacheFilter. Push has been deprecated by the \nvarious IETF specs and early hints responses should be used instead.\u003c/li\u003e\n\u003cli\u003ereducing the reducing the idle timeout on unauthenticated sessions will reduce the time such session stay in memory.\u003c/li\u003e\n\u003cli\u003econfiguring a session cache to use \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://jetty.org/docs/jetty/12/programming-guide/server/session.html\"\u003esession passivation\u003c/a\u003e,\n so that sessions are not stored in memory, but rather in a database or \nfile system that may have significantly more capacity than memory.\u003c/li\u003e\n\u003c/ul\u003e"
}
],
"value": "The session usage is intrinsic to the design of the PushCacheFilter. The issue can be avoided by:\n\n\n\n * not using the PushCacheFilter. Push has been deprecated by the \nvarious IETF specs and early hints responses should be used instead.\n\n * reducing the reducing the idle timeout on unauthenticated sessions will reduce the time such session stay in memory.\n\n * configuring a session cache to use session passivation https://jetty.org/docs/jetty/12/programming-guide/server/session.html ,\n so that sessions are not stored in memory, but rather in a database or \nfile system that may have significantly more capacity than memory."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"assignerShortName": "eclipse",
"cveId": "CVE-2024-6762",
"datePublished": "2024-10-14T15:07:10.942Z",
"dateReserved": "2024-07-15T17:35:50.791Z",
"dateUpdated": "2025-11-03T19:34:37.967Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-9823 (GCVE-0-2024-9823)
Vulnerability from nvd – Published: 2024-10-14 15:03 – Updated: 2025-11-03 19:35
VLAI?
Title
Jetty DOS vulnerability on DosFilter
Summary
There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory finally.
Severity ?
5.3 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Eclipse Foundation | Jetty |
Affected:
9.0.0 , < 9.4.54
(semvar)
Affected: 10.0.0 , < 10.0.18 (semvar) Affected: 11.0.0 , < 11.0.18 (semver) |
|||||||||||||||||
|
|||||||||||||||||||
Credits
Lian Kee
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "jetty",
"vendor": "eclipse",
"versions": [
{
"lessThan": "9.4.54",
"status": "affected",
"version": "9.0.0",
"versionType": "semver"
},
{
"lessThan": "10.0.18",
"status": "affected",
"version": "10.0.0",
"versionType": "semver"
},
{
"lessThan": "11.0.18",
"status": "affected",
"version": "11.0.0",
"versionType": "semver"
},
{
"lessThan": "12.0.3",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9823",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T17:46:11.062398Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T17:49:38.804Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:35:02.369Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20250306-0006/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://repo.maven.apache.org/maven2/",
"defaultStatus": "unaffected",
"modules": [
"jetty-servlets"
],
"packageName": "org.eclipse.jetty:jetty-servlets",
"product": "Jetty",
"repo": "https://github.com/jetty/jetty.project",
"vendor": "Eclipse Foundation",
"versions": [
{
"lessThan": "9.4.54",
"status": "affected",
"version": "9.0.0",
"versionType": "semvar"
},
{
"lessThan": "10.0.18",
"status": "affected",
"version": "10.0.0",
"versionType": "semvar"
},
{
"lessThan": "11.0.18",
"status": "affected",
"version": "11.0.0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://repo.maven.apache.org/maven2/",
"defaultStatus": "unaffected",
"modules": [
"jetty-ee8-servlets"
],
"packageName": "org.eclipse.jetty.ee8:jetty-ee8-servlets",
"product": "Jetty",
"repo": "https://github.com/jetty/jetty.project",
"vendor": "Eclipse Jetty",
"versions": [
{
"lessThan": "12.0.3",
"status": "affected",
"version": "12.0.0",
"versionType": "semvar"
}
]
},
{
"collectionURL": "https://repo.maven.apache.org/maven2/",
"defaultStatus": "unaffected",
"modules": [
"jetty-ee9-servlets"
],
"packageName": "org.eclipse.jetty.ee8:jetty-ee9-servlets",
"product": "Jetty",
"repo": "https://github.com/jetty/jetty.project",
"vendor": "Eclipse Jetty",
"versions": [
{
"lessThan": "12.0.3",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://repo.maven.apache.org/maven2/",
"defaultStatus": "unaffected",
"modules": [
"jetty-ee10-servlets"
],
"packageName": "org.eclipse.jetty.ee8:jetty-ee10-servlets",
"product": "Jetty",
"repo": "https://github.com/jetty/jetty.project",
"vendor": "Eclipse Jetty",
"versions": [
{
"lessThan": "12.0.3",
"status": "affected",
"version": "12.0.0",
"versionType": "semvar"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lian Kee"
}
],
"datePublic": "2024-10-14T15:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There exists a security vulnerability in Jetty\u0027s DosFilter which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory finally.\u003cbr\u003e"
}
],
"value": "There exists a security vulnerability in Jetty\u0027s DosFilter which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory finally."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-14T15:29:14.390Z",
"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"shortName": "eclipse"
},
"references": [
{
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-7hcf-ppf8-5w5h"
},
{
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/39"
},
{
"url": "https://github.com/jetty/jetty.project/issues/1256"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Jetty DOS vulnerability on DosFilter",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The \u003ccode\u003eDoSFilter\u003c/code\u003e can be configured to not use sessions for tracking usage by setting the \u003ccode\u003etrackSessions\u003c/code\u003e init parameter to \u003ccode\u003efalse\u003c/code\u003e. This will then use only the IP tracking mechanism, which is not vulnerable.\u003cbr\u003e\nSessions can also be configured to have aggressive passivation or inactivation limits.\u003cbr\u003e"
}
],
"value": "The DoSFilter can be configured to not use sessions for tracking usage by setting the trackSessions init parameter to false. This will then use only the IP tracking mechanism, which is not vulnerable.\n\nSessions can also be configured to have aggressive passivation or inactivation limits."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"assignerShortName": "eclipse",
"cveId": "CVE-2024-9823",
"datePublished": "2024-10-14T15:03:02.293Z",
"dateReserved": "2024-10-10T15:56:32.744Z",
"dateUpdated": "2025-11-03T19:35:02.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-22201 (GCVE-0-2024-22201)
Vulnerability from nvd – Published: 2024-02-26 16:13 – Updated: 2025-02-13 17:33
VLAI?
Title
Jetty connection leaking on idle timeout when TCP congested
Summary
Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The vulnerability is patched in 9.4.54, 10.0.20, 11.0.20, and 12.0.6.
Severity ?
7.5 (High)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| jetty | jetty.project |
Affected:
>= 9.3.0, <= 9.4.53
Affected: >= 10.0.0, <= 10.0.19 Affected: >= 11.0.0, <= 11.0.19 Affected: >= 12.0.0, <= 12.0.5 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.848Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98"
},
{
"name": "https://github.com/jetty/jetty.project/issues/11256",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/jetty/jetty.project/issues/11256"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240329-0001/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00002.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/20/2"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:jetty:jetty.project:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "jetty.project",
"vendor": "jetty",
"versions": [
{
"lessThanOrEqual": "9.4.53",
"status": "affected",
"version": "9.3.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.0.19",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.0.19",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "12.0.5",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22201",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-01T18:49:17.679314Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T14:21:40.015Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "jetty.project",
"vendor": "jetty",
"versions": [
{
"status": "affected",
"version": "\u003e= 9.3.0, \u003c= 9.4.53"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c= 10.0.19"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c= 11.0.19"
},
{
"status": "affected",
"version": "\u003e= 12.0.0, \u003c= 12.0.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The vulnerability is patched in 9.4.54, 10.0.20, 11.0.20, and 12.0.6."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T18:08:05.942Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98"
},
{
"name": "https://github.com/jetty/jetty.project/issues/11256",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jetty/jetty.project/issues/11256"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240329-0001/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00002.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/20/2"
}
],
"source": {
"advisory": "GHSA-rggv-cv7r-mw98",
"discovery": "UNKNOWN"
},
"title": "Jetty connection leaking on idle timeout when TCP congested"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-22201",
"datePublished": "2024-02-26T16:13:33.848Z",
"dateReserved": "2024-01-08T04:59:27.371Z",
"dateUpdated": "2025-02-13T17:33:34.951Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-36478 (GCVE-0-2023-36478)
Vulnerability from nvd – Published: 2023-10-10 16:53 – Updated: 2025-02-13 16:56
VLAI?
Title
HTTP/2 HPACK integer overflow and buffer allocation
Summary
Eclipse Jetty provides a web server and servlet container. In versions 11.0.0 through 11.0.15, 10.0.0 through 10.0.15, and 9.0.0 through 9.4.52, an integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to
exceed their size limit. `MetaDataBuilder.java` determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded. However, when length is very large and huffman is true, the multiplication by 4 in line 295
will overflow, and length will become negative. `(_size+length)` will now be negative, and the check on line 296 will not be triggered. Furthermore, `MetaDataBuilder.checkSize` allows for user-entered HPACK header value sizes to be negative, potentially leading to a very large buffer allocation later on when the user-entered size is multiplied by 2. This means that if a user provides a negative length value (or, more precisely, a length value which, when multiplied by the 4/3 fudge factor, is negative), and this length value is a very large positive number when multiplied by 2, then the user can cause a very large buffer to be allocated on the server. Users of HTTP/2 can be impacted by a remote denial of service attack. The issue has been fixed in versions 11.0.16, 10.0.16, and 9.4.53. There are no known workarounds.
Severity ?
7.5 (High)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| eclipse | jetty.project |
Affected:
>= 10.0.0, < 10.0.16
Affected: >= 11.0.0, < 11.0.16 Affected: >= 9.3.0, < 9.4.53 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:45:57.038Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgh7-54f2-x98r",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgh7-54f2-x98r"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9634",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/pull/9634"
},
{
"name": "https://github.com/eclipse/jetty.project/releases/tag/jetty-10.0.16",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/releases/tag/jetty-10.0.16"
},
{
"name": "https://github.com/eclipse/jetty.project/releases/tag/jetty-11.0.16",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/releases/tag/jetty-11.0.16"
},
{
"name": "https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.53.v20231009",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.53.v20231009"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5540"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231116-0011/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "jetty.project",
"vendor": "eclipse",
"versions": [
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.0.16"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.0.16"
},
{
"status": "affected",
"version": "\u003e= 9.3.0, \u003c 9.4.53"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Eclipse Jetty provides a web server and servlet container. In versions 11.0.0 through 11.0.15, 10.0.0 through 10.0.15, and 9.0.0 through 9.4.52, an integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to\nexceed their size limit. `MetaDataBuilder.java` determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded. However, when length is very large and huffman is true, the multiplication by 4 in line 295\nwill overflow, and length will become negative. `(_size+length)` will now be negative, and the check on line 296 will not be triggered. Furthermore, `MetaDataBuilder.checkSize` allows for user-entered HPACK header value sizes to be negative, potentially leading to a very large buffer allocation later on when the user-entered size is multiplied by 2. This means that if a user provides a negative length value (or, more precisely, a length value which, when multiplied by the 4/3 fudge factor, is negative), and this length value is a very large positive number when multiplied by 2, then the user can cause a very large buffer to be allocated on the server. Users of HTTP/2 can be impacted by a remote denial of service attack. The issue has been fixed in versions 11.0.16, 10.0.16, and 9.4.53. There are no known workarounds."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190: Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T19:08:04.429Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgh7-54f2-x98r",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgh7-54f2-x98r"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9634",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/pull/9634"
},
{
"name": "https://github.com/eclipse/jetty.project/releases/tag/jetty-10.0.16",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/releases/tag/jetty-10.0.16"
},
{
"name": "https://github.com/eclipse/jetty.project/releases/tag/jetty-11.0.16",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/releases/tag/jetty-11.0.16"
},
{
"name": "https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.53.v20231009",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.53.v20231009"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
},
{
"url": "https://www.debian.org/security/2023/dsa-5540"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231116-0011/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
}
],
"source": {
"advisory": "GHSA-wgh7-54f2-x98r",
"discovery": "UNKNOWN"
},
"title": "HTTP/2 HPACK integer overflow and buffer allocation"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-36478",
"datePublished": "2023-10-10T16:53:07.063Z",
"dateReserved": "2023-06-21T18:50:41.704Z",
"dateUpdated": "2025-02-13T16:56:19.080Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-44487 (GCVE-0-2023-44487)
Vulnerability from nvd – Published: 2023-10-10 00:00 – Updated: 2025-11-04 21:08
VLAI?
Summary
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Severity ?
7.5 (High)
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "http",
"vendor": "ietf",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-44487",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-23T20:34:21.334116Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-10-10",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:35.187Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-10T00:00:00+00:00",
"value": "CVE-2023-44487 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:08:27.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
},
{
"tags": [
"x_transferred"
],
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37831062"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/envoyproxy/envoy/pull/30055"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/haproxy/haproxy/issues/2312"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/issues/10679"
},
{
"tags": [
"x_transferred"
],
"url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nghttp2/nghttp2/pull/1961"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/alibaba/tengine/issues/1872"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37830987"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37830998"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/caddyserver/caddy/issues/5877"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/bcdannyboy/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/grpc/grpc-go/pull/6703"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
},
{
"tags": [
"x_transferred"
],
"url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://my.f5.com/manage/s/article/K000137106"
},
{
"tags": [
"x_transferred"
],
"url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
},
{
"tags": [
"x_transferred"
],
"url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
},
{
"tags": [
"x_transferred"
],
"url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/microsoft/CBL-Mariner/pull/6381"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/facebook/proxygen/pull/466"
},
{
"tags": [
"x_transferred"
],
"url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/micrictor/http2-rst-stream"
},
{
"tags": [
"x_transferred"
],
"url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/h2o/h2o/pull/3291"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nodejs/node/pull/50121"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/golang/go/issues/63417"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-vx74-f528-fxqg"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/trafficserver/pull/10564"
},
{
"tags": [
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/opensearch-project/data-prepper/issues/3474"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kubernetes/kubernetes/pull/121120"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"
},
{
"tags": [
"x_transferred"
],
"url": "https://netty.io/news/2023/10/10/4-1-100-Final.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37837043"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kazu-yamamoto/http2/issues/93"
},
{
"tags": [
"x_transferred"
],
"url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"
},
{
"name": "DSA-5522",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5522"
},
{
"name": "DSA-5521",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5521"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/ninenines/cowboy/issues/1615"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/varnishcache/varnish-cache/issues/3996"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/tempesta-tech/tempesta/issues/1986"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.vespa.ai/cve-2023-44487/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/etcd-io/etcd/issues/16740"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
},
{
"tags": [
"x_transferred"
],
"url": "https://istio.io/latest/news/security/istio-security-2023-004/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/junkurihara/rust-rpxy/issues/97"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"tags": [
"x_transferred"
],
"url": "https://ubuntu.com/security/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/httpd-site/pull/10"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/projectcontour/contour/pull/5826"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/line/armeria/pull/5232"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/akka/akka-http/issues/4323"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/openresty/openresty/issues/930"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/apisix/issues/10320"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Azure/AKS/issues/3947"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Kong/kong/discussions/11741"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
},
{
"name": "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
},
{
"tags": [
"x_transferred"
],
"url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"
},
{
"name": "FEDORA-2023-ed2642fd58",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"
},
{
"tags": [
"x_transferred"
],
"url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
},
{
"name": "[oss-security] 20231018 Vulnerability in Jenkins",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
},
{
"name": "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
},
{
"name": "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
},
{
"name": "FEDORA-2023-54fadada12",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"
},
{
"name": "FEDORA-2023-5ff7bf1dd8",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"
},
{
"name": "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
},
{
"name": "FEDORA-2023-17efd3f2cd",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"
},
{
"name": "FEDORA-2023-d5030c983c",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
},
{
"name": "FEDORA-2023-0259c3f26f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"
},
{
"name": "FEDORA-2023-2a9214af5f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"
},
{
"name": "FEDORA-2023-e9c04d81c1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
},
{
"name": "FEDORA-2023-f66fc0f62a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
},
{
"name": "FEDORA-2023-4d2fd884ea",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
},
{
"name": "FEDORA-2023-b2c50535cb",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"
},
{
"name": "FEDORA-2023-fe53e13b5b",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
},
{
"name": "FEDORA-2023-4bf641255e",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
},
{
"name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
},
{
"name": "DSA-5540",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5540"
},
{
"name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
},
{
"name": "FEDORA-2023-1caffb88af",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"
},
{
"name": "FEDORA-2023-3f70b8d406",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"
},
{
"name": "FEDORA-2023-7b52921cae",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
},
{
"name": "FEDORA-2023-7934802344",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"
},
{
"name": "FEDORA-2023-dbe64661af",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
},
{
"name": "FEDORA-2023-822aab0a5a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
},
{
"name": "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
},
{
"name": "DSA-5549",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5549"
},
{
"name": "FEDORA-2023-c0c6a91330",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"
},
{
"name": "FEDORA-2023-492b7be466",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"
},
{
"name": "DSA-5558",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5558"
},
{
"name": "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
},
{
"name": "GLSA-202311-09",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"name": "DSA-5570",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5570"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
},
{
"url": "https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/08/13/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-07T20:05:34.376Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"
},
{
"url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
},
{
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"
},
{
"url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
},
{
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
},
{
"url": "https://news.ycombinator.com/item?id=37831062"
},
{
"url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
},
{
"url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"
},
{
"url": "https://github.com/envoyproxy/envoy/pull/30055"
},
{
"url": "https://github.com/haproxy/haproxy/issues/2312"
},
{
"url": "https://github.com/eclipse/jetty.project/issues/10679"
},
{
"url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
},
{
"url": "https://github.com/nghttp2/nghttp2/pull/1961"
},
{
"url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
},
{
"url": "https://github.com/alibaba/tengine/issues/1872"
},
{
"url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
},
{
"url": "https://news.ycombinator.com/item?id=37830987"
},
{
"url": "https://news.ycombinator.com/item?id=37830998"
},
{
"url": "https://github.com/caddyserver/caddy/issues/5877"
},
{
"url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
},
{
"url": "https://github.com/bcdannyboy/CVE-2023-44487"
},
{
"url": "https://github.com/grpc/grpc-go/pull/6703"
},
{
"url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"
},
{
"url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
},
{
"url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"
},
{
"url": "https://my.f5.com/manage/s/article/K000137106"
},
{
"url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
},
{
"url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
},
{
"url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
},
{
"name": "[oss-security] 20231010 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/10/7"
},
{
"name": "[oss-security] 20231010 CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
},
{
"url": "https://github.com/microsoft/CBL-Mariner/pull/6381"
},
{
"url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"
},
{
"url": "https://github.com/facebook/proxygen/pull/466"
},
{
"url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
},
{
"url": "https://github.com/micrictor/http2-rst-stream"
},
{
"url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
},
{
"url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
},
{
"url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"
},
{
"url": "https://github.com/h2o/h2o/pull/3291"
},
{
"url": "https://github.com/nodejs/node/pull/50121"
},
{
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"url": "https://github.com/golang/go/issues/63417"
},
{
"url": "https://github.com/advisories/GHSA-vx74-f528-fxqg"
},
{
"url": "https://github.com/apache/trafficserver/pull/10564"
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"
},
{
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"
},
{
"url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
},
{
"url": "https://github.com/opensearch-project/data-prepper/issues/3474"
},
{
"url": "https://github.com/kubernetes/kubernetes/pull/121120"
},
{
"url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
},
{
"url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"
},
{
"url": "https://netty.io/news/2023/10/10/4-1-100-Final.html"
},
{
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
},
{
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
},
{
"url": "https://news.ycombinator.com/item?id=37837043"
},
{
"url": "https://github.com/kazu-yamamoto/http2/issues/93"
},
{
"url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
},
{
"url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
},
{
"url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"
},
{
"name": "DSA-5522",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5522"
},
{
"name": "DSA-5521",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5521"
},
{
"url": "https://access.redhat.com/security/cve/cve-2023-44487"
},
{
"url": "https://github.com/ninenines/cowboy/issues/1615"
},
{
"url": "https://github.com/varnishcache/varnish-cache/issues/3996"
},
{
"url": "https://github.com/tempesta-tech/tempesta/issues/1986"
},
{
"url": "https://blog.vespa.ai/cve-2023-44487/"
},
{
"url": "https://github.com/etcd-io/etcd/issues/16740"
},
{
"url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
},
{
"url": "https://istio.io/latest/news/security/istio-security-2023-004/"
},
{
"url": "https://github.com/junkurihara/rust-rpxy/issues/97"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"url": "https://ubuntu.com/security/CVE-2023-44487"
},
{
"url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
},
{
"url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3"
},
{
"url": "https://github.com/apache/httpd-site/pull/10"
},
{
"url": "https://github.com/projectcontour/contour/pull/5826"
},
{
"url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
},
{
"url": "https://github.com/line/armeria/pull/5232"
},
{
"url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
},
{
"url": "https://security.paloaltonetworks.com/CVE-2023-44487"
},
{
"url": "https://github.com/akka/akka-http/issues/4323"
},
{
"url": "https://github.com/openresty/openresty/issues/930"
},
{
"url": "https://github.com/apache/apisix/issues/10320"
},
{
"url": "https://github.com/Azure/AKS/issues/3947"
},
{
"url": "https://github.com/Kong/kong/discussions/11741"
},
{
"url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"
},
{
"url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
},
{
"url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
},
{
"name": "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
},
{
"url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
},
{
"url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"
},
{
"name": "FEDORA-2023-ed2642fd58",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"
},
{
"url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
},
{
"name": "[oss-security] 20231018 Vulnerability in Jenkins",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
},
{
"name": "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
},
{
"name": "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
},
{
"name": "FEDORA-2023-54fadada12",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"
},
{
"name": "FEDORA-2023-5ff7bf1dd8",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"
},
{
"name": "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
},
{
"name": "FEDORA-2023-17efd3f2cd",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"
},
{
"name": "FEDORA-2023-d5030c983c",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
},
{
"name": "FEDORA-2023-0259c3f26f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"
},
{
"name": "FEDORA-2023-2a9214af5f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"
},
{
"name": "FEDORA-2023-e9c04d81c1",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
},
{
"name": "FEDORA-2023-f66fc0f62a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
},
{
"name": "FEDORA-2023-4d2fd884ea",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
},
{
"name": "FEDORA-2023-b2c50535cb",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"
},
{
"name": "FEDORA-2023-fe53e13b5b",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
},
{
"name": "FEDORA-2023-4bf641255e",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
},
{
"name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
},
{
"name": "DSA-5540",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5540"
},
{
"name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
},
{
"url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
},
{
"name": "FEDORA-2023-1caffb88af",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"
},
{
"name": "FEDORA-2023-3f70b8d406",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"
},
{
"name": "FEDORA-2023-7b52921cae",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
},
{
"name": "FEDORA-2023-7934802344",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"
},
{
"name": "FEDORA-2023-dbe64661af",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
},
{
"name": "FEDORA-2023-822aab0a5a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
},
{
"name": "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
},
{
"name": "DSA-5549",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5549"
},
{
"name": "FEDORA-2023-c0c6a91330",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"
},
{
"name": "FEDORA-2023-492b7be466",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"
},
{
"name": "DSA-5558",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5558"
},
{
"name": "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
},
{
"name": "GLSA-202311-09",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"name": "DSA-5570",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5570"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
},
{
"url": "https://github.com/grpc/grpc/releases/tag/v1.59.2"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-44487",
"datePublished": "2023-10-10T00:00:00.000Z",
"dateReserved": "2023-09-29T00:00:00.000Z",
"dateUpdated": "2025-11-04T21:08:27.383Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-41900 (GCVE-0-2023-41900)
Vulnerability from nvd – Published: 2023-09-15 20:17 – Updated: 2025-02-13 17:09
VLAI?
Title
Jetty's OpenId Revoked authentication allows one request
Summary
Jetty is a Java based web server and servlet engine. Versions 9.4.21 through 9.4.51, 10.0.15, and 11.0.15 are vulnerable to weak authentication. If a Jetty `OpenIdAuthenticator` uses the optional nested `LoginService`, and that `LoginService` decides to revoke an already authenticated user, then the current request will still treat the user as authenticated. The authentication is then cleared from the session and subsequent requests will not be treated as authenticated. So a request on a previously authenticated session could be allowed to bypass authentication after it had been rejected by the `LoginService`. This impacts usages of the jetty-openid which have configured a nested `LoginService` and where that `LoginService` will is capable of rejecting previously authenticated users. Versions 9.4.52, 10.0.16, and 11.0.16 have a patch for this issue.
Severity ?
CWE
- CWE-1390 - Weak Authentication
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| eclipse | jetty.project |
Affected:
>= 9.4.21, <= 9.4.51
Affected: >= 10.0.0, <= 10.0.15 Affected: >= 11.0.0, <= 11.0.15 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:09:49.380Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-pwh8-58vv-vw48",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-pwh8-58vv-vw48"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9528",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/pull/9528"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9660",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/pull/9660"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5507"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231110-0004/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41900",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-27T16:17:02.421689Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-27T16:17:17.130Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "jetty.project",
"vendor": "eclipse",
"versions": [
{
"status": "affected",
"version": "\u003e= 9.4.21, \u003c= 9.4.51"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c= 10.0.15"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c= 11.0.15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jetty is a Java based web server and servlet engine. Versions 9.4.21 through 9.4.51, 10.0.15, and 11.0.15 are vulnerable to weak authentication. If a Jetty `OpenIdAuthenticator` uses the optional nested `LoginService`, and that `LoginService` decides to revoke an already authenticated user, then the current request will still treat the user as authenticated. The authentication is then cleared from the session and subsequent requests will not be treated as authenticated. So a request on a previously authenticated session could be allowed to bypass authentication after it had been rejected by the `LoginService`. This impacts usages of the jetty-openid which have configured a nested `LoginService` and where that `LoginService` will is capable of rejecting previously authenticated users. Versions 9.4.52, 10.0.16, and 11.0.16 have a patch for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1390",
"description": "CWE-1390: Weak Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-10T18:06:33.022Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-pwh8-58vv-vw48",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-pwh8-58vv-vw48"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9528",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/pull/9528"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9660",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/pull/9660"
},
{
"url": "https://www.debian.org/security/2023/dsa-5507"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231110-0004/"
}
],
"source": {
"advisory": "GHSA-pwh8-58vv-vw48",
"discovery": "UNKNOWN"
},
"title": "Jetty\u0027s OpenId Revoked authentication allows one request"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-41900",
"datePublished": "2023-09-15T20:17:42.201Z",
"dateReserved": "2023-09-04T16:31:48.226Z",
"dateUpdated": "2025-02-13T17:09:04.719Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-40167 (GCVE-0-2023-40167)
Vulnerability from nvd – Published: 2023-09-15 19:37 – Updated: 2025-02-13 17:03
VLAI?
Title
Jetty accepts "+" prefixed value in Content-Length
Summary
Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts the `+` character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. Versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1 contain a patch for this issue. There is no workaround as there is no known exploit scenario.
Severity ?
5.3 (Medium)
CWE
- CWE-130 - Improper Handling of Length Parameter Inconsistency
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| eclipse | jetty.project |
Affected:
>= 9.0.0, <= 9.4.51
Affected: >= 10.0.0, <= 10.0.15 Affected: >= 11.0.0, <= 11.0.15 Affected: = 12.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:24:55.674Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6"
},
{
"name": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5507"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00039.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40167",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T18:49:57.977850Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T18:50:08.203Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "jetty.project",
"vendor": "eclipse",
"versions": [
{
"status": "affected",
"version": "\u003e= 9.0.0, \u003c= 9.4.51"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c= 10.0.15"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c= 11.0.15"
},
{
"status": "affected",
"version": "= 12.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts the `+` character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. Versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1 contain a patch for this issue. There is no workaround as there is no known exploit scenario."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-130",
"description": "CWE-130: Improper Handling of Length Parameter Inconsistency",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-30T14:06:19.236Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6"
},
{
"name": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6",
"tags": [
"x_refsource_MISC"
],
"url": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6"
},
{
"url": "https://www.debian.org/security/2023/dsa-5507"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00039.html"
}
],
"source": {
"advisory": "GHSA-hmr7-m48g-48f6",
"discovery": "UNKNOWN"
},
"title": "Jetty accepts \"+\" prefixed value in Content-Length"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-40167",
"datePublished": "2023-09-15T19:37:37.530Z",
"dateReserved": "2023-08-09T15:26:41.051Z",
"dateUpdated": "2025-02-13T17:03:25.096Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-36479 (GCVE-0-2023-36479)
Vulnerability from nvd – Published: 2023-09-15 18:37 – Updated: 2025-06-18 14:41
VLAI?
Title
Jetty vulnerable to errant command quoting in CGI Servlet
Summary
Eclipse Jetty Canonical Repository is the canonical repository for the Jetty project. Users of the CgiServlet with a very specific command structure may have the wrong command executed. If a user sends a request to a org.eclipse.jetty.servlets.CGI Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the original binary name provided by the user contains a quotation mark followed by a space, the resulting command line will contain multiple tokens instead of one. This issue was patched in version 9.4.52, 10.0.16, 11.0.16 and 12.0.0-beta2.
Severity ?
CWE
- CWE-149 - Improper Neutralization of Quoting Syntax
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| eclipse | jetty.project |
Affected:
>= 9.0.0, <= 9.4.51
Affected: >= 10.0.0, <= 10.0.15 Affected: >= 11.0.0, <= 11.0.15 Affected: <= 12.0.0-beta1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:45:57.116Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-3gh6-v5v9-6v9j",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-3gh6-v5v9-6v9j"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9516",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/pull/9516"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9888",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/pull/9888"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9889",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/pull/9889"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5507"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00039.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-36479",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T15:04:27.724025Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-18T14:41:11.113Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "jetty.project",
"vendor": "eclipse",
"versions": [
{
"status": "affected",
"version": "\u003e= 9.0.0, \u003c= 9.4.51"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c= 10.0.15"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c= 11.0.15"
},
{
"status": "affected",
"version": "\u003c= 12.0.0-beta1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Eclipse Jetty Canonical Repository is the canonical repository for the Jetty project. Users of the CgiServlet with a very specific command structure may have the wrong command executed. If a user sends a request to a org.eclipse.jetty.servlets.CGI Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the original binary name provided by the user contains a quotation mark followed by a space, the resulting command line will contain multiple tokens instead of one. This issue was patched in version 9.4.52, 10.0.16, 11.0.16 and 12.0.0-beta2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-149",
"description": "CWE-149: Improper Neutralization of Quoting Syntax",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-30T14:06:17.561Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-3gh6-v5v9-6v9j",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-3gh6-v5v9-6v9j"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9516",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/pull/9516"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9888",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/pull/9888"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9889",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/pull/9889"
},
{
"url": "https://www.debian.org/security/2023/dsa-5507"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00039.html"
}
],
"source": {
"advisory": "GHSA-3gh6-v5v9-6v9j",
"discovery": "UNKNOWN"
},
"title": "Jetty vulnerable to errant command quoting in CGI Servlet"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-36479",
"datePublished": "2023-09-15T18:37:35.948Z",
"dateReserved": "2023-06-21T18:50:41.704Z",
"dateUpdated": "2025-06-18T14:41:11.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26049 (GCVE-0-2023-26049)
Vulnerability from nvd – Published: 2023-04-18 20:35 – Updated: 2025-02-13 16:44
VLAI?
Title
Cookie parsing of quoted values can exfiltrate values from other cookies in Eclipse Jetty
Summary
Jetty is a java based web server and servlet engine. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE="b; JSESSIONID=1337; c=d"` will be parsed as one cookie, with the name DISPLAY_LANGUAGE and a value of b; JSESSIONID=1337; c=d instead of 3 separate cookies. This has security implications because if, say, JSESSIONID is an HttpOnly cookie, and the DISPLAY_LANGUAGE cookie value is rendered on the page, an attacker can smuggle the JSESSIONID cookie into the DISPLAY_LANGUAGE cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server or its logging system. This issue has been addressed in versions 9.4.51, 10.0.14, 11.0.14, and 12.0.0.beta0 and users are advised to upgrade. There are no known workarounds for this issue.
Severity ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| eclipse | jetty.project |
Affected:
< 9.4.51
Affected: >= 10.0.0, < 10.0.14 Affected: >= 11.0.0, < 11.0.14 Affected: >= 12.0.0.alpha0, < 12.0.0.beta0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:39:06.483Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9339",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/pull/9339"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9352",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/pull/9352"
},
{
"name": "https://www.rfc-editor.org/rfc/rfc2965",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.rfc-editor.org/rfc/rfc2965"
},
{
"name": "https://www.rfc-editor.org/rfc/rfc6265",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.rfc-editor.org/rfc/rfc6265"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230526-0001/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5507"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00039.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "jetty.project",
"vendor": "eclipse",
"versions": [
{
"status": "affected",
"version": "\u003c 9.4.51"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.0.14"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.0.14"
},
{
"status": "affected",
"version": "\u003e= 12.0.0.alpha0, \u003c 12.0.0.beta0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jetty is a java based web server and servlet engine. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `\"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE=\"b; JSESSIONID=1337; c=d\"` will be parsed as one cookie, with the name DISPLAY_LANGUAGE and a value of b; JSESSIONID=1337; c=d instead of 3 separate cookies. This has security implications because if, say, JSESSIONID is an HttpOnly cookie, and the DISPLAY_LANGUAGE cookie value is rendered on the page, an attacker can smuggle the JSESSIONID cookie into the DISPLAY_LANGUAGE cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server or its logging system. This issue has been addressed in versions 9.4.51, 10.0.14, 11.0.14, and 12.0.0.beta0 and users are advised to upgrade. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-30T14:06:15.732Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9339",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/pull/9339"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9352",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/pull/9352"
},
{
"name": "https://www.rfc-editor.org/rfc/rfc2965",
"tags": [
"x_refsource_MISC"
],
"url": "https://www.rfc-editor.org/rfc/rfc2965"
},
{
"name": "https://www.rfc-editor.org/rfc/rfc6265",
"tags": [
"x_refsource_MISC"
],
"url": "https://www.rfc-editor.org/rfc/rfc6265"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230526-0001/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5507"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00039.html"
}
],
"source": {
"advisory": "GHSA-p26g-97m4-6q7c",
"discovery": "UNKNOWN"
},
"title": "Cookie parsing of quoted values can exfiltrate values from other cookies in Eclipse Jetty"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-26049",
"datePublished": "2023-04-18T20:35:36.506Z",
"dateReserved": "2023-02-17T22:44:03.150Z",
"dateUpdated": "2025-02-13T16:44:44.710Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26048 (GCVE-0-2023-26048)
Vulnerability from nvd – Published: 2023-04-18 20:30 – Updated: 2025-02-13 16:44
VLAI?
Title
OutOfMemoryError for large multipart without filename in Eclipse Jetty
Summary
Jetty is a java based web server and servlet engine. In affected versions servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. This issue has been patched in versions 9.4.51, 10.0.14, and 11.0.14. Users are advised to upgrade. Users unable to upgrade may set the multipart parameter `maxRequestSize` which must be set to a non-negative value, so the whole multipart content is limited (although still read into memory).
Severity ?
5.3 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| eclipse | jetty.project |
Affected:
< 9.4.51
Affected: >= 10.0.0, < 10.0.14 Affected: >= 11.0.0, < 11.0.14 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:39:06.487Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-qw69-rqj8-6qw8",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-qw69-rqj8-6qw8"
},
{
"name": "https://github.com/eclipse/jetty.project/issues/9076",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/issues/9076"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9344",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/pull/9344"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9345",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/pull/9345"
},
{
"name": "https://github.com/jakartaee/servlet/blob/6.0.0/spec/src/main/asciidoc/servlet-spec-body.adoc#32-file-upload",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/jakartaee/servlet/blob/6.0.0/spec/src/main/asciidoc/servlet-spec-body.adoc#32-file-upload"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230526-0001/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5507"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00039.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26048",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T19:43:53.088439Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T15:59:53.627Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "jetty.project",
"vendor": "eclipse",
"versions": [
{
"status": "affected",
"version": "\u003c 9.4.51"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.0.14"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.0.14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jetty is a java based web server and servlet engine. In affected versions servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. This issue has been patched in versions 9.4.51, 10.0.14, and 11.0.14. Users are advised to upgrade. Users unable to upgrade may set the multipart parameter `maxRequestSize` which must be set to a non-negative value, so the whole multipart content is limited (although still read into memory)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-30T14:06:13.823Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-qw69-rqj8-6qw8",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-qw69-rqj8-6qw8"
},
{
"name": "https://github.com/eclipse/jetty.project/issues/9076",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/issues/9076"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9344",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/pull/9344"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9345",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/pull/9345"
},
{
"name": "https://github.com/jakartaee/servlet/blob/6.0.0/spec/src/main/asciidoc/servlet-spec-body.adoc#32-file-upload",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jakartaee/servlet/blob/6.0.0/spec/src/main/asciidoc/servlet-spec-body.adoc#32-file-upload"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230526-0001/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5507"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00039.html"
}
],
"source": {
"advisory": "GHSA-qw69-rqj8-6qw8",
"discovery": "UNKNOWN"
},
"title": "OutOfMemoryError for large multipart without filename in Eclipse Jetty"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-26048",
"datePublished": "2023-04-18T20:30:20.420Z",
"dateReserved": "2023-02-17T22:44:03.150Z",
"dateUpdated": "2025-02-13T16:44:44.177Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1948 (GCVE-0-2025-1948)
Vulnerability from cvelistv5 – Published: 2025-05-08 17:48 – Updated: 2025-05-08 18:31
VLAI?
Title
Eclipse Jetty HTTP clients can increase memory allocation
Summary
In Eclipse Jetty versions 12.0.0 to 12.0.16 included, an HTTP/2 client can specify a very large value for the HTTP/2 settings parameter SETTINGS_MAX_HEADER_LIST_SIZE.
The Jetty HTTP/2 server does not perform validation on this setting, and tries to allocate a ByteBuffer of the specified capacity to encode HTTP responses, likely resulting in OutOfMemoryError being thrown, or even the JVM process exiting.
Severity ?
7.5 (High)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Eclipse Foundation | Jetty |
Affected:
12.0.0 , ≤ 12.0.16
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1948",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T18:31:29.735282Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-08T18:31:44.196Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Jetty",
"vendor": "Eclipse Foundation",
"versions": [
{
"lessThanOrEqual": "12.0.16",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Eclipse Jetty versions 12.0.0 to 12.0.16 included, an HTTP/2 client can specify a very large value for the HTTP/2 settings parameter SETTINGS_MAX_HEADER_LIST_SIZE.\nThe Jetty HTTP/2 server does not perform validation on this setting, and tries to allocate a ByteBuffer of the specified capacity to encode HTTP responses, likely resulting in OutOfMemoryError being thrown, or even the JVM process exiting."
}
],
"value": "In Eclipse Jetty versions 12.0.0 to 12.0.16 included, an HTTP/2 client can specify a very large value for the HTTP/2 settings parameter SETTINGS_MAX_HEADER_LIST_SIZE.\nThe Jetty HTTP/2 server does not perform validation on this setting, and tries to allocate a ByteBuffer of the specified capacity to encode HTTP responses, likely resulting in OutOfMemoryError being thrown, or even the JVM process exiting."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-08T17:48:40.831Z",
"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"shortName": "eclipse"
},
"references": [
{
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/56"
},
{
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-889j-63jv-qhr8"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Eclipse Jetty HTTP clients can increase memory allocation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"assignerShortName": "eclipse",
"cveId": "CVE-2025-1948",
"datePublished": "2025-05-08T17:48:40.831Z",
"dateReserved": "2025-03-04T13:55:56.722Z",
"dateUpdated": "2025-05-08T18:31:44.196Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13009 (GCVE-0-2024-13009)
Vulnerability from cvelistv5 – Published: 2025-05-08 17:29 – Updated: 2025-05-08 18:56 Unsupported When Assigned
VLAI?
Title
Eclipse Jetty GZIP buffer release
Summary
In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request
body. This can result in corrupted and/or inadvertent sharing of data between requests.
Severity ?
7.2 (High)
CWE
- CWE-404 - Improper Resource Shutdown or Release
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Eclipse Foundation | Jetty |
Affected:
9.4.0 , ≤ 9.4.56
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13009",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T18:55:32.278977Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-08T18:56:39.446Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Jetty",
"vendor": "Eclipse Foundation",
"versions": [
{
"lessThanOrEqual": "9.4.56",
"status": "affected",
"version": "9.4.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request\nbody. This can result in corrupted and/or inadvertent sharing of data between requests."
}
],
"value": "In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request\nbody. This can result in corrupted and/or inadvertent sharing of data between requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "CWE-404 Improper Resource Shutdown or Release",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-08T17:29:31.380Z",
"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"shortName": "eclipse"
},
"references": [
{
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/48"
},
{
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-q4rv-gq96-w7c5"
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"unsupported-when-assigned"
],
"title": "Eclipse Jetty GZIP buffer release",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"assignerShortName": "eclipse",
"cveId": "CVE-2024-13009",
"datePublished": "2025-05-08T17:29:31.380Z",
"dateReserved": "2024-12-28T09:11:12.587Z",
"dateUpdated": "2025-05-08T18:56:39.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8184 (GCVE-0-2024-8184)
Vulnerability from cvelistv5 – Published: 2024-10-14 15:09 – Updated: 2025-11-03 19:34
VLAI?
Title
Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks
Summary
There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory.
Severity ?
5.9 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Eclipse Foundation | Jetty |
Affected:
9.3.12 , ≤ 9.4.55
(semver)
Affected: 10.0.0 , ≤ 10.0.23 (semver) Affected: 11.0.0 , ≤ 11.0.23 (semver) Affected: 12.0.0 , ≤ 12.0.8 (semver) |
Credits
https://github.com/HRsGIT
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8184",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T17:41:50.744158Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T17:42:01.168Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:34:56.811Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://repo.maven.apache.org/maven2/",
"defaultStatus": "unaffected",
"modules": [
"jetty-server"
],
"packageName": "org.eclipse.jetty:jetty-server",
"product": "Jetty",
"repo": "https://github.com/jetty/jetty.project",
"vendor": "Eclipse Foundation",
"versions": [
{
"lessThanOrEqual": "9.4.55",
"status": "affected",
"version": "9.3.12",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.0.23",
"status": "affected",
"version": "10.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "11.0.23",
"status": "affected",
"version": "11.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "12.0.8",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "https://github.com/HRsGIT"
}
],
"datePublic": "2024-10-14T03:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There exists a security vulnerability in Jetty\u0027s \u003ccode\u003eThreadLimitHandler.getRemote()\u003c/code\u003e which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory.\u003cbr\u003e"
}
],
"value": "There exists a security vulnerability in Jetty\u0027s ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-14T15:30:02.698Z",
"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"shortName": "eclipse"
},
"references": [
{
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq"
},
{
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30"
},
{
"url": "https://github.com/jetty/jetty.project/pull/11723"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Do not use \u003ccode\u003eThreadLimitHandler\u003c/code\u003e.\u003cbr\u003e\nConsider use of \u003ccode\u003eQoSHandler\u003c/code\u003e instead to artificially limit resource utilization.\u003cbr\u003e"
}
],
"value": "Do not use ThreadLimitHandler.\n\nConsider use of QoSHandler instead to artificially limit resource utilization."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"assignerShortName": "eclipse",
"cveId": "CVE-2024-8184",
"datePublished": "2024-10-14T15:09:37.861Z",
"dateReserved": "2024-08-26T15:58:44.006Z",
"dateUpdated": "2025-11-03T19:34:56.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-6762 (GCVE-0-2024-6762)
Vulnerability from cvelistv5 – Published: 2024-10-14 15:07 – Updated: 2025-11-03 19:34
VLAI?
Title
Jetty PushSessionCacheFilter can cause remote DoS attacks
Summary
Jetty PushSessionCacheFilter can be exploited by unauthenticated users
to launch remote DoS attacks by exhausting the server’s memory.
Severity ?
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Eclipse Foundation | Jetty |
Affected:
10.0.0 , ≤ 10.0.17
(semver)
Affected: 11.0.0 , ≤ 11.0.17 (semver) Affected: 12.0.0 , ≤ 12.0.3 (semver) |
Credits
Lian Kee
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6762",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T17:42:42.629742Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T17:42:50.434Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:34:37.967Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://repo.maven.apache.org/maven2/",
"defaultStatus": "unaffected",
"modules": [
"jetty-servlets"
],
"packageName": "org.eclipse.jetty:jetty-servlets",
"product": "Jetty",
"repo": "https://github.com/jetty/jetty.project",
"vendor": "Eclipse Foundation",
"versions": [
{
"lessThanOrEqual": "10.0.17",
"status": "affected",
"version": "10.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "11.0.17",
"status": "affected",
"version": "11.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "12.0.3",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lian Kee"
}
],
"datePublic": "2024-10-14T15:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eJetty PushSessionCacheFilter can be exploited by unauthenticated users \nto launch remote DoS attacks by exhausting the server\u2019s memory.\u003c/div\u003e\u003cbr\u003e"
}
],
"value": "Jetty PushSessionCacheFilter can be exploited by unauthenticated users \nto launch remote DoS attacks by exhausting the server\u2019s memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-14T15:07:10.942Z",
"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"shortName": "eclipse"
},
"references": [
{
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-r7m4-f9h5-gr79"
},
{
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/24"
},
{
"url": "https://github.com/jetty/jetty.project/pull/9715"
},
{
"url": "https://github.com/jetty/jetty.project/pull/9716"
},
{
"url": "https://github.com/jetty/jetty.project/pull/10756"
},
{
"url": "https://github.com/jetty/jetty.project/pull/10755"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Jetty PushSessionCacheFilter can cause remote DoS attacks",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe session usage is intrinsic to the design of the PushCacheFilter. The issue can be avoided by:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003enot using the PushCacheFilter. Push has been deprecated by the \nvarious IETF specs and early hints responses should be used instead.\u003c/li\u003e\n\u003cli\u003ereducing the reducing the idle timeout on unauthenticated sessions will reduce the time such session stay in memory.\u003c/li\u003e\n\u003cli\u003econfiguring a session cache to use \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://jetty.org/docs/jetty/12/programming-guide/server/session.html\"\u003esession passivation\u003c/a\u003e,\n so that sessions are not stored in memory, but rather in a database or \nfile system that may have significantly more capacity than memory.\u003c/li\u003e\n\u003c/ul\u003e"
}
],
"value": "The session usage is intrinsic to the design of the PushCacheFilter. The issue can be avoided by:\n\n\n\n * not using the PushCacheFilter. Push has been deprecated by the \nvarious IETF specs and early hints responses should be used instead.\n\n * reducing the reducing the idle timeout on unauthenticated sessions will reduce the time such session stay in memory.\n\n * configuring a session cache to use session passivation https://jetty.org/docs/jetty/12/programming-guide/server/session.html ,\n so that sessions are not stored in memory, but rather in a database or \nfile system that may have significantly more capacity than memory."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"assignerShortName": "eclipse",
"cveId": "CVE-2024-6762",
"datePublished": "2024-10-14T15:07:10.942Z",
"dateReserved": "2024-07-15T17:35:50.791Z",
"dateUpdated": "2025-11-03T19:34:37.967Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-6763 (GCVE-0-2024-6763)
Vulnerability from cvelistv5 – Published: 2024-10-14 15:06 – Updated: 2025-03-07 00:10
VLAI?
Title
Jetty URI parsing of invalid authority
Summary
Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing.
The HttpURI class does insufficient validation on the authority segment of a URI. However the behaviour of HttpURI
differs from the common browsers in how it handles a URI that would be
considered invalid if fully validated against the RRC. Specifically HttpURI
and the browser may differ on the value of the host extracted from an
invalid URI and thus a combination of Jetty and a vulnerable browser may
be vulnerable to a open redirect attack or to a SSRF attack if the URI
is used after passing validation checks.
Severity ?
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Eclipse Foundation | Jetty |
Affected:
7.0.0 , ≤ 12.0.11
(semver)
|
Credits
https://github.com/zer0yu
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "jetty",
"vendor": "eclipse",
"versions": [
{
"lessThanOrEqual": "12.0.11",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6763",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T17:44:14.448650Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T17:45:35.771Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-03-07T00:10:46.301Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20250306-0005/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://repo.maven.apache.org/maven2/",
"defaultStatus": "unaffected",
"modules": [
"jetty-http"
],
"packageName": "org.eclipse.jetty:jetty-http",
"product": "Jetty",
"repo": "https://github.com/jetty/jetty.project",
"vendor": "Eclipse Foundation",
"versions": [
{
"lessThanOrEqual": "12.0.11",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "https://github.com/zer0yu"
}
],
"datePublic": "2024-10-14T15:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eEclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, \u003ccode\u003eHttpURI\u003c/code\u003e, for URI/URL parsing.\u003c/p\u003e\u003cp\u003eThe \u003ccode\u003eHttpURI\u003c/code\u003e class does insufficient validation on the authority segment of a URI. However the behaviour of \u003ccode\u003eHttpURI\u003c/code\u003e\n differs from the common browsers in how it handles a URI that would be \nconsidered invalid if fully validated against the RRC. Specifically \u003ccode\u003eHttpURI\u003c/code\u003e\n and the browser may differ on the value of the host extracted from an \ninvalid URI and thus a combination of Jetty and a vulnerable browser may\n be vulnerable to a open redirect attack or to a SSRF attack if the URI \nis used after passing validation checks.\u003c/p\u003e"
}
],
"value": "Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing.\n\nThe HttpURI class does insufficient validation on the authority segment of a URI. However the behaviour of HttpURI\n differs from the common browsers in how it handles a URI that would be \nconsidered invalid if fully validated against the RRC. Specifically HttpURI\n and the browser may differ on the value of the host extracted from an \ninvalid URI and thus a combination of Jetty and a vulnerable browser may\n be vulnerable to a open redirect attack or to a SSRF attack if the URI \nis used after passing validation checks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1286",
"description": "CWE-1286",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-14T15:30:38.815Z",
"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"shortName": "eclipse"
},
"references": [
{
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-qh8g-58pp-2wxh"
},
{
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/25"
},
{
"url": "https://github.com/jetty/jetty.project/pull/12012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Jetty URI parsing of invalid authority",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe attacks outlined above rely on decoded user data being passed to the \u003ccode\u003eHttpURI\u003c/code\u003e class. Application should not pass decoded user data as an encoded URI to any URI class/method, including \u003ccode\u003eHttpURI\u003c/code\u003e. Such applications are likely to be vulnerable in other ways.\u003cbr\u003e\nThe immediate solution is to upgrade to a version of the class that will\n fully validate the characters of the URI authority. Ultimately, Jetty \nwill deprecate and remove support for user info in the authority per \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://datatracker.ietf.org/doc/html/rfc9110#section-4.2.4\"\u003eRFC9110 Section 4.2.4\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eNote that the Chrome (and other browsers) parse the \ninvalid user info section improperly as well (due to flawed WhatWG URL \nparsing rules that do not apply outside of a Web Browser).\u003c/p\u003e"
}
],
"value": "The attacks outlined above rely on decoded user data being passed to the HttpURI class. Application should not pass decoded user data as an encoded URI to any URI class/method, including HttpURI. Such applications are likely to be vulnerable in other ways.\n\nThe immediate solution is to upgrade to a version of the class that will\n fully validate the characters of the URI authority. Ultimately, Jetty \nwill deprecate and remove support for user info in the authority per RFC9110 Section 4.2.4 https://datatracker.ietf.org/doc/html/rfc9110#section-4.2.4 .\n\n\nNote that the Chrome (and other browsers) parse the \ninvalid user info section improperly as well (due to flawed WhatWG URL \nparsing rules that do not apply outside of a Web Browser)."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"assignerShortName": "eclipse",
"cveId": "CVE-2024-6763",
"datePublished": "2024-10-14T15:06:07.298Z",
"dateReserved": "2024-07-15T17:37:53.605Z",
"dateUpdated": "2025-03-07T00:10:46.301Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9823 (GCVE-0-2024-9823)
Vulnerability from cvelistv5 – Published: 2024-10-14 15:03 – Updated: 2025-11-03 19:35
VLAI?
Title
Jetty DOS vulnerability on DosFilter
Summary
There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory finally.
Severity ?
5.3 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Eclipse Foundation | Jetty |
Affected:
9.0.0 , < 9.4.54
(semvar)
Affected: 10.0.0 , < 10.0.18 (semvar) Affected: 11.0.0 , < 11.0.18 (semver) |
|||||||||||||||||
|
|||||||||||||||||||
Credits
Lian Kee
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "jetty",
"vendor": "eclipse",
"versions": [
{
"lessThan": "9.4.54",
"status": "affected",
"version": "9.0.0",
"versionType": "semver"
},
{
"lessThan": "10.0.18",
"status": "affected",
"version": "10.0.0",
"versionType": "semver"
},
{
"lessThan": "11.0.18",
"status": "affected",
"version": "11.0.0",
"versionType": "semver"
},
{
"lessThan": "12.0.3",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9823",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T17:46:11.062398Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T17:49:38.804Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:35:02.369Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20250306-0006/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://repo.maven.apache.org/maven2/",
"defaultStatus": "unaffected",
"modules": [
"jetty-servlets"
],
"packageName": "org.eclipse.jetty:jetty-servlets",
"product": "Jetty",
"repo": "https://github.com/jetty/jetty.project",
"vendor": "Eclipse Foundation",
"versions": [
{
"lessThan": "9.4.54",
"status": "affected",
"version": "9.0.0",
"versionType": "semvar"
},
{
"lessThan": "10.0.18",
"status": "affected",
"version": "10.0.0",
"versionType": "semvar"
},
{
"lessThan": "11.0.18",
"status": "affected",
"version": "11.0.0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://repo.maven.apache.org/maven2/",
"defaultStatus": "unaffected",
"modules": [
"jetty-ee8-servlets"
],
"packageName": "org.eclipse.jetty.ee8:jetty-ee8-servlets",
"product": "Jetty",
"repo": "https://github.com/jetty/jetty.project",
"vendor": "Eclipse Jetty",
"versions": [
{
"lessThan": "12.0.3",
"status": "affected",
"version": "12.0.0",
"versionType": "semvar"
}
]
},
{
"collectionURL": "https://repo.maven.apache.org/maven2/",
"defaultStatus": "unaffected",
"modules": [
"jetty-ee9-servlets"
],
"packageName": "org.eclipse.jetty.ee8:jetty-ee9-servlets",
"product": "Jetty",
"repo": "https://github.com/jetty/jetty.project",
"vendor": "Eclipse Jetty",
"versions": [
{
"lessThan": "12.0.3",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://repo.maven.apache.org/maven2/",
"defaultStatus": "unaffected",
"modules": [
"jetty-ee10-servlets"
],
"packageName": "org.eclipse.jetty.ee8:jetty-ee10-servlets",
"product": "Jetty",
"repo": "https://github.com/jetty/jetty.project",
"vendor": "Eclipse Jetty",
"versions": [
{
"lessThan": "12.0.3",
"status": "affected",
"version": "12.0.0",
"versionType": "semvar"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lian Kee"
}
],
"datePublic": "2024-10-14T15:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There exists a security vulnerability in Jetty\u0027s DosFilter which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory finally.\u003cbr\u003e"
}
],
"value": "There exists a security vulnerability in Jetty\u0027s DosFilter which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory finally."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-14T15:29:14.390Z",
"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"shortName": "eclipse"
},
"references": [
{
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-7hcf-ppf8-5w5h"
},
{
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/39"
},
{
"url": "https://github.com/jetty/jetty.project/issues/1256"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Jetty DOS vulnerability on DosFilter",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The \u003ccode\u003eDoSFilter\u003c/code\u003e can be configured to not use sessions for tracking usage by setting the \u003ccode\u003etrackSessions\u003c/code\u003e init parameter to \u003ccode\u003efalse\u003c/code\u003e. This will then use only the IP tracking mechanism, which is not vulnerable.\u003cbr\u003e\nSessions can also be configured to have aggressive passivation or inactivation limits.\u003cbr\u003e"
}
],
"value": "The DoSFilter can be configured to not use sessions for tracking usage by setting the trackSessions init parameter to false. This will then use only the IP tracking mechanism, which is not vulnerable.\n\nSessions can also be configured to have aggressive passivation or inactivation limits."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"assignerShortName": "eclipse",
"cveId": "CVE-2024-9823",
"datePublished": "2024-10-14T15:03:02.293Z",
"dateReserved": "2024-10-10T15:56:32.744Z",
"dateUpdated": "2025-11-03T19:35:02.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-22201 (GCVE-0-2024-22201)
Vulnerability from cvelistv5 – Published: 2024-02-26 16:13 – Updated: 2025-02-13 17:33
VLAI?
Title
Jetty connection leaking on idle timeout when TCP congested
Summary
Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The vulnerability is patched in 9.4.54, 10.0.20, 11.0.20, and 12.0.6.
Severity ?
7.5 (High)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| jetty | jetty.project |
Affected:
>= 9.3.0, <= 9.4.53
Affected: >= 10.0.0, <= 10.0.19 Affected: >= 11.0.0, <= 11.0.19 Affected: >= 12.0.0, <= 12.0.5 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.848Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98"
},
{
"name": "https://github.com/jetty/jetty.project/issues/11256",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/jetty/jetty.project/issues/11256"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240329-0001/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00002.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/20/2"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:jetty:jetty.project:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "jetty.project",
"vendor": "jetty",
"versions": [
{
"lessThanOrEqual": "9.4.53",
"status": "affected",
"version": "9.3.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.0.19",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.0.19",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "12.0.5",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22201",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-01T18:49:17.679314Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T14:21:40.015Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "jetty.project",
"vendor": "jetty",
"versions": [
{
"status": "affected",
"version": "\u003e= 9.3.0, \u003c= 9.4.53"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c= 10.0.19"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c= 11.0.19"
},
{
"status": "affected",
"version": "\u003e= 12.0.0, \u003c= 12.0.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The vulnerability is patched in 9.4.54, 10.0.20, 11.0.20, and 12.0.6."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T18:08:05.942Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98"
},
{
"name": "https://github.com/jetty/jetty.project/issues/11256",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jetty/jetty.project/issues/11256"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240329-0001/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00002.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/20/2"
}
],
"source": {
"advisory": "GHSA-rggv-cv7r-mw98",
"discovery": "UNKNOWN"
},
"title": "Jetty connection leaking on idle timeout when TCP congested"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-22201",
"datePublished": "2024-02-26T16:13:33.848Z",
"dateReserved": "2024-01-08T04:59:27.371Z",
"dateUpdated": "2025-02-13T17:33:34.951Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-36478 (GCVE-0-2023-36478)
Vulnerability from cvelistv5 – Published: 2023-10-10 16:53 – Updated: 2025-02-13 16:56
VLAI?
Title
HTTP/2 HPACK integer overflow and buffer allocation
Summary
Eclipse Jetty provides a web server and servlet container. In versions 11.0.0 through 11.0.15, 10.0.0 through 10.0.15, and 9.0.0 through 9.4.52, an integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to
exceed their size limit. `MetaDataBuilder.java` determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded. However, when length is very large and huffman is true, the multiplication by 4 in line 295
will overflow, and length will become negative. `(_size+length)` will now be negative, and the check on line 296 will not be triggered. Furthermore, `MetaDataBuilder.checkSize` allows for user-entered HPACK header value sizes to be negative, potentially leading to a very large buffer allocation later on when the user-entered size is multiplied by 2. This means that if a user provides a negative length value (or, more precisely, a length value which, when multiplied by the 4/3 fudge factor, is negative), and this length value is a very large positive number when multiplied by 2, then the user can cause a very large buffer to be allocated on the server. Users of HTTP/2 can be impacted by a remote denial of service attack. The issue has been fixed in versions 11.0.16, 10.0.16, and 9.4.53. There are no known workarounds.
Severity ?
7.5 (High)
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| eclipse | jetty.project |
Affected:
>= 10.0.0, < 10.0.16
Affected: >= 11.0.0, < 11.0.16 Affected: >= 9.3.0, < 9.4.53 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:45:57.038Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgh7-54f2-x98r",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgh7-54f2-x98r"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9634",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/pull/9634"
},
{
"name": "https://github.com/eclipse/jetty.project/releases/tag/jetty-10.0.16",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/releases/tag/jetty-10.0.16"
},
{
"name": "https://github.com/eclipse/jetty.project/releases/tag/jetty-11.0.16",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/releases/tag/jetty-11.0.16"
},
{
"name": "https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.53.v20231009",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.53.v20231009"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5540"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231116-0011/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "jetty.project",
"vendor": "eclipse",
"versions": [
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.0.16"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.0.16"
},
{
"status": "affected",
"version": "\u003e= 9.3.0, \u003c 9.4.53"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Eclipse Jetty provides a web server and servlet container. In versions 11.0.0 through 11.0.15, 10.0.0 through 10.0.15, and 9.0.0 through 9.4.52, an integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to\nexceed their size limit. `MetaDataBuilder.java` determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded. However, when length is very large and huffman is true, the multiplication by 4 in line 295\nwill overflow, and length will become negative. `(_size+length)` will now be negative, and the check on line 296 will not be triggered. Furthermore, `MetaDataBuilder.checkSize` allows for user-entered HPACK header value sizes to be negative, potentially leading to a very large buffer allocation later on when the user-entered size is multiplied by 2. This means that if a user provides a negative length value (or, more precisely, a length value which, when multiplied by the 4/3 fudge factor, is negative), and this length value is a very large positive number when multiplied by 2, then the user can cause a very large buffer to be allocated on the server. Users of HTTP/2 can be impacted by a remote denial of service attack. The issue has been fixed in versions 11.0.16, 10.0.16, and 9.4.53. There are no known workarounds."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190: Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T19:08:04.429Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgh7-54f2-x98r",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgh7-54f2-x98r"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9634",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/pull/9634"
},
{
"name": "https://github.com/eclipse/jetty.project/releases/tag/jetty-10.0.16",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/releases/tag/jetty-10.0.16"
},
{
"name": "https://github.com/eclipse/jetty.project/releases/tag/jetty-11.0.16",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/releases/tag/jetty-11.0.16"
},
{
"name": "https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.53.v20231009",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.53.v20231009"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
},
{
"url": "https://www.debian.org/security/2023/dsa-5540"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231116-0011/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
}
],
"source": {
"advisory": "GHSA-wgh7-54f2-x98r",
"discovery": "UNKNOWN"
},
"title": "HTTP/2 HPACK integer overflow and buffer allocation"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-36478",
"datePublished": "2023-10-10T16:53:07.063Z",
"dateReserved": "2023-06-21T18:50:41.704Z",
"dateUpdated": "2025-02-13T16:56:19.080Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-44487 (GCVE-0-2023-44487)
Vulnerability from cvelistv5 – Published: 2023-10-10 00:00 – Updated: 2025-11-04 21:08
VLAI?
Summary
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Severity ?
7.5 (High)
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "http",
"vendor": "ietf",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-44487",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-23T20:34:21.334116Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-10-10",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:35.187Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-10T00:00:00+00:00",
"value": "CVE-2023-44487 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:08:27.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
},
{
"tags": [
"x_transferred"
],
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37831062"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/envoyproxy/envoy/pull/30055"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/haproxy/haproxy/issues/2312"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/issues/10679"
},
{
"tags": [
"x_transferred"
],
"url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nghttp2/nghttp2/pull/1961"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/alibaba/tengine/issues/1872"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37830987"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37830998"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/caddyserver/caddy/issues/5877"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/bcdannyboy/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/grpc/grpc-go/pull/6703"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
},
{
"tags": [
"x_transferred"
],
"url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://my.f5.com/manage/s/article/K000137106"
},
{
"tags": [
"x_transferred"
],
"url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
},
{
"tags": [
"x_transferred"
],
"url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
},
{
"tags": [
"x_transferred"
],
"url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/microsoft/CBL-Mariner/pull/6381"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/facebook/proxygen/pull/466"
},
{
"tags": [
"x_transferred"
],
"url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/micrictor/http2-rst-stream"
},
{
"tags": [
"x_transferred"
],
"url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/h2o/h2o/pull/3291"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nodejs/node/pull/50121"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/golang/go/issues/63417"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-vx74-f528-fxqg"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/trafficserver/pull/10564"
},
{
"tags": [
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/opensearch-project/data-prepper/issues/3474"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kubernetes/kubernetes/pull/121120"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"
},
{
"tags": [
"x_transferred"
],
"url": "https://netty.io/news/2023/10/10/4-1-100-Final.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37837043"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kazu-yamamoto/http2/issues/93"
},
{
"tags": [
"x_transferred"
],
"url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"
},
{
"name": "DSA-5522",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5522"
},
{
"name": "DSA-5521",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5521"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/ninenines/cowboy/issues/1615"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/varnishcache/varnish-cache/issues/3996"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/tempesta-tech/tempesta/issues/1986"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.vespa.ai/cve-2023-44487/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/etcd-io/etcd/issues/16740"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
},
{
"tags": [
"x_transferred"
],
"url": "https://istio.io/latest/news/security/istio-security-2023-004/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/junkurihara/rust-rpxy/issues/97"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"tags": [
"x_transferred"
],
"url": "https://ubuntu.com/security/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/httpd-site/pull/10"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/projectcontour/contour/pull/5826"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/line/armeria/pull/5232"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/akka/akka-http/issues/4323"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/openresty/openresty/issues/930"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/apisix/issues/10320"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Azure/AKS/issues/3947"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Kong/kong/discussions/11741"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
},
{
"name": "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
},
{
"tags": [
"x_transferred"
],
"url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"
},
{
"name": "FEDORA-2023-ed2642fd58",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"
},
{
"tags": [
"x_transferred"
],
"url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
},
{
"name": "[oss-security] 20231018 Vulnerability in Jenkins",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
},
{
"name": "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
},
{
"name": "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
},
{
"name": "FEDORA-2023-54fadada12",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"
},
{
"name": "FEDORA-2023-5ff7bf1dd8",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"
},
{
"name": "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
},
{
"name": "FEDORA-2023-17efd3f2cd",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"
},
{
"name": "FEDORA-2023-d5030c983c",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
},
{
"name": "FEDORA-2023-0259c3f26f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"
},
{
"name": "FEDORA-2023-2a9214af5f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"
},
{
"name": "FEDORA-2023-e9c04d81c1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
},
{
"name": "FEDORA-2023-f66fc0f62a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
},
{
"name": "FEDORA-2023-4d2fd884ea",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
},
{
"name": "FEDORA-2023-b2c50535cb",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"
},
{
"name": "FEDORA-2023-fe53e13b5b",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
},
{
"name": "FEDORA-2023-4bf641255e",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
},
{
"name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
},
{
"name": "DSA-5540",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5540"
},
{
"name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
},
{
"name": "FEDORA-2023-1caffb88af",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"
},
{
"name": "FEDORA-2023-3f70b8d406",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"
},
{
"name": "FEDORA-2023-7b52921cae",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
},
{
"name": "FEDORA-2023-7934802344",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"
},
{
"name": "FEDORA-2023-dbe64661af",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
},
{
"name": "FEDORA-2023-822aab0a5a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
},
{
"name": "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
},
{
"name": "DSA-5549",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5549"
},
{
"name": "FEDORA-2023-c0c6a91330",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"
},
{
"name": "FEDORA-2023-492b7be466",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"
},
{
"name": "DSA-5558",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5558"
},
{
"name": "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
},
{
"name": "GLSA-202311-09",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"name": "DSA-5570",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5570"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
},
{
"url": "https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/08/13/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-07T20:05:34.376Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"
},
{
"url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
},
{
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"
},
{
"url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
},
{
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
},
{
"url": "https://news.ycombinator.com/item?id=37831062"
},
{
"url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
},
{
"url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"
},
{
"url": "https://github.com/envoyproxy/envoy/pull/30055"
},
{
"url": "https://github.com/haproxy/haproxy/issues/2312"
},
{
"url": "https://github.com/eclipse/jetty.project/issues/10679"
},
{
"url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
},
{
"url": "https://github.com/nghttp2/nghttp2/pull/1961"
},
{
"url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
},
{
"url": "https://github.com/alibaba/tengine/issues/1872"
},
{
"url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
},
{
"url": "https://news.ycombinator.com/item?id=37830987"
},
{
"url": "https://news.ycombinator.com/item?id=37830998"
},
{
"url": "https://github.com/caddyserver/caddy/issues/5877"
},
{
"url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
},
{
"url": "https://github.com/bcdannyboy/CVE-2023-44487"
},
{
"url": "https://github.com/grpc/grpc-go/pull/6703"
},
{
"url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"
},
{
"url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
},
{
"url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"
},
{
"url": "https://my.f5.com/manage/s/article/K000137106"
},
{
"url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
},
{
"url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
},
{
"url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
},
{
"name": "[oss-security] 20231010 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/10/7"
},
{
"name": "[oss-security] 20231010 CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
},
{
"url": "https://github.com/microsoft/CBL-Mariner/pull/6381"
},
{
"url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"
},
{
"url": "https://github.com/facebook/proxygen/pull/466"
},
{
"url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
},
{
"url": "https://github.com/micrictor/http2-rst-stream"
},
{
"url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
},
{
"url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
},
{
"url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"
},
{
"url": "https://github.com/h2o/h2o/pull/3291"
},
{
"url": "https://github.com/nodejs/node/pull/50121"
},
{
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"url": "https://github.com/golang/go/issues/63417"
},
{
"url": "https://github.com/advisories/GHSA-vx74-f528-fxqg"
},
{
"url": "https://github.com/apache/trafficserver/pull/10564"
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"
},
{
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"
},
{
"url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
},
{
"url": "https://github.com/opensearch-project/data-prepper/issues/3474"
},
{
"url": "https://github.com/kubernetes/kubernetes/pull/121120"
},
{
"url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
},
{
"url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"
},
{
"url": "https://netty.io/news/2023/10/10/4-1-100-Final.html"
},
{
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
},
{
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
},
{
"url": "https://news.ycombinator.com/item?id=37837043"
},
{
"url": "https://github.com/kazu-yamamoto/http2/issues/93"
},
{
"url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
},
{
"url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
},
{
"url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"
},
{
"name": "DSA-5522",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5522"
},
{
"name": "DSA-5521",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5521"
},
{
"url": "https://access.redhat.com/security/cve/cve-2023-44487"
},
{
"url": "https://github.com/ninenines/cowboy/issues/1615"
},
{
"url": "https://github.com/varnishcache/varnish-cache/issues/3996"
},
{
"url": "https://github.com/tempesta-tech/tempesta/issues/1986"
},
{
"url": "https://blog.vespa.ai/cve-2023-44487/"
},
{
"url": "https://github.com/etcd-io/etcd/issues/16740"
},
{
"url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
},
{
"url": "https://istio.io/latest/news/security/istio-security-2023-004/"
},
{
"url": "https://github.com/junkurihara/rust-rpxy/issues/97"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"url": "https://ubuntu.com/security/CVE-2023-44487"
},
{
"url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
},
{
"url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3"
},
{
"url": "https://github.com/apache/httpd-site/pull/10"
},
{
"url": "https://github.com/projectcontour/contour/pull/5826"
},
{
"url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
},
{
"url": "https://github.com/line/armeria/pull/5232"
},
{
"url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
},
{
"url": "https://security.paloaltonetworks.com/CVE-2023-44487"
},
{
"url": "https://github.com/akka/akka-http/issues/4323"
},
{
"url": "https://github.com/openresty/openresty/issues/930"
},
{
"url": "https://github.com/apache/apisix/issues/10320"
},
{
"url": "https://github.com/Azure/AKS/issues/3947"
},
{
"url": "https://github.com/Kong/kong/discussions/11741"
},
{
"url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"
},
{
"url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
},
{
"url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
},
{
"name": "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
},
{
"url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
},
{
"url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"
},
{
"name": "FEDORA-2023-ed2642fd58",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"
},
{
"url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
},
{
"name": "[oss-security] 20231018 Vulnerability in Jenkins",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
},
{
"name": "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
},
{
"name": "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
},
{
"name": "FEDORA-2023-54fadada12",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"
},
{
"name": "FEDORA-2023-5ff7bf1dd8",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"
},
{
"name": "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
},
{
"name": "FEDORA-2023-17efd3f2cd",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"
},
{
"name": "FEDORA-2023-d5030c983c",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
},
{
"name": "FEDORA-2023-0259c3f26f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"
},
{
"name": "FEDORA-2023-2a9214af5f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"
},
{
"name": "FEDORA-2023-e9c04d81c1",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
},
{
"name": "FEDORA-2023-f66fc0f62a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
},
{
"name": "FEDORA-2023-4d2fd884ea",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
},
{
"name": "FEDORA-2023-b2c50535cb",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"
},
{
"name": "FEDORA-2023-fe53e13b5b",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
},
{
"name": "FEDORA-2023-4bf641255e",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
},
{
"name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
},
{
"name": "DSA-5540",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5540"
},
{
"name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
},
{
"url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
},
{
"name": "FEDORA-2023-1caffb88af",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"
},
{
"name": "FEDORA-2023-3f70b8d406",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"
},
{
"name": "FEDORA-2023-7b52921cae",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
},
{
"name": "FEDORA-2023-7934802344",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"
},
{
"name": "FEDORA-2023-dbe64661af",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
},
{
"name": "FEDORA-2023-822aab0a5a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
},
{
"name": "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
},
{
"name": "DSA-5549",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5549"
},
{
"name": "FEDORA-2023-c0c6a91330",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"
},
{
"name": "FEDORA-2023-492b7be466",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"
},
{
"name": "DSA-5558",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5558"
},
{
"name": "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
},
{
"name": "GLSA-202311-09",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"name": "DSA-5570",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5570"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
},
{
"url": "https://github.com/grpc/grpc/releases/tag/v1.59.2"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-44487",
"datePublished": "2023-10-10T00:00:00.000Z",
"dateReserved": "2023-09-29T00:00:00.000Z",
"dateUpdated": "2025-11-04T21:08:27.383Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-41900 (GCVE-0-2023-41900)
Vulnerability from cvelistv5 – Published: 2023-09-15 20:17 – Updated: 2025-02-13 17:09
VLAI?
Title
Jetty's OpenId Revoked authentication allows one request
Summary
Jetty is a Java based web server and servlet engine. Versions 9.4.21 through 9.4.51, 10.0.15, and 11.0.15 are vulnerable to weak authentication. If a Jetty `OpenIdAuthenticator` uses the optional nested `LoginService`, and that `LoginService` decides to revoke an already authenticated user, then the current request will still treat the user as authenticated. The authentication is then cleared from the session and subsequent requests will not be treated as authenticated. So a request on a previously authenticated session could be allowed to bypass authentication after it had been rejected by the `LoginService`. This impacts usages of the jetty-openid which have configured a nested `LoginService` and where that `LoginService` will is capable of rejecting previously authenticated users. Versions 9.4.52, 10.0.16, and 11.0.16 have a patch for this issue.
Severity ?
CWE
- CWE-1390 - Weak Authentication
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| eclipse | jetty.project |
Affected:
>= 9.4.21, <= 9.4.51
Affected: >= 10.0.0, <= 10.0.15 Affected: >= 11.0.0, <= 11.0.15 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:09:49.380Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-pwh8-58vv-vw48",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-pwh8-58vv-vw48"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9528",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/pull/9528"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9660",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/pull/9660"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5507"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231110-0004/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41900",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-27T16:17:02.421689Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-27T16:17:17.130Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "jetty.project",
"vendor": "eclipse",
"versions": [
{
"status": "affected",
"version": "\u003e= 9.4.21, \u003c= 9.4.51"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c= 10.0.15"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c= 11.0.15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jetty is a Java based web server and servlet engine. Versions 9.4.21 through 9.4.51, 10.0.15, and 11.0.15 are vulnerable to weak authentication. If a Jetty `OpenIdAuthenticator` uses the optional nested `LoginService`, and that `LoginService` decides to revoke an already authenticated user, then the current request will still treat the user as authenticated. The authentication is then cleared from the session and subsequent requests will not be treated as authenticated. So a request on a previously authenticated session could be allowed to bypass authentication after it had been rejected by the `LoginService`. This impacts usages of the jetty-openid which have configured a nested `LoginService` and where that `LoginService` will is capable of rejecting previously authenticated users. Versions 9.4.52, 10.0.16, and 11.0.16 have a patch for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1390",
"description": "CWE-1390: Weak Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-10T18:06:33.022Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-pwh8-58vv-vw48",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-pwh8-58vv-vw48"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9528",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/pull/9528"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9660",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/pull/9660"
},
{
"url": "https://www.debian.org/security/2023/dsa-5507"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231110-0004/"
}
],
"source": {
"advisory": "GHSA-pwh8-58vv-vw48",
"discovery": "UNKNOWN"
},
"title": "Jetty\u0027s OpenId Revoked authentication allows one request"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-41900",
"datePublished": "2023-09-15T20:17:42.201Z",
"dateReserved": "2023-09-04T16:31:48.226Z",
"dateUpdated": "2025-02-13T17:09:04.719Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-40167 (GCVE-0-2023-40167)
Vulnerability from cvelistv5 – Published: 2023-09-15 19:37 – Updated: 2025-02-13 17:03
VLAI?
Title
Jetty accepts "+" prefixed value in Content-Length
Summary
Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts the `+` character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. Versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1 contain a patch for this issue. There is no workaround as there is no known exploit scenario.
Severity ?
5.3 (Medium)
CWE
- CWE-130 - Improper Handling of Length Parameter Inconsistency
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| eclipse | jetty.project |
Affected:
>= 9.0.0, <= 9.4.51
Affected: >= 10.0.0, <= 10.0.15 Affected: >= 11.0.0, <= 11.0.15 Affected: = 12.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:24:55.674Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6"
},
{
"name": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5507"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00039.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40167",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T18:49:57.977850Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T18:50:08.203Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "jetty.project",
"vendor": "eclipse",
"versions": [
{
"status": "affected",
"version": "\u003e= 9.0.0, \u003c= 9.4.51"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c= 10.0.15"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c= 11.0.15"
},
{
"status": "affected",
"version": "= 12.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts the `+` character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. Versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1 contain a patch for this issue. There is no workaround as there is no known exploit scenario."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-130",
"description": "CWE-130: Improper Handling of Length Parameter Inconsistency",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-30T14:06:19.236Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6"
},
{
"name": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6",
"tags": [
"x_refsource_MISC"
],
"url": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6"
},
{
"url": "https://www.debian.org/security/2023/dsa-5507"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00039.html"
}
],
"source": {
"advisory": "GHSA-hmr7-m48g-48f6",
"discovery": "UNKNOWN"
},
"title": "Jetty accepts \"+\" prefixed value in Content-Length"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-40167",
"datePublished": "2023-09-15T19:37:37.530Z",
"dateReserved": "2023-08-09T15:26:41.051Z",
"dateUpdated": "2025-02-13T17:03:25.096Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-36479 (GCVE-0-2023-36479)
Vulnerability from cvelistv5 – Published: 2023-09-15 18:37 – Updated: 2025-06-18 14:41
VLAI?
Title
Jetty vulnerable to errant command quoting in CGI Servlet
Summary
Eclipse Jetty Canonical Repository is the canonical repository for the Jetty project. Users of the CgiServlet with a very specific command structure may have the wrong command executed. If a user sends a request to a org.eclipse.jetty.servlets.CGI Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the original binary name provided by the user contains a quotation mark followed by a space, the resulting command line will contain multiple tokens instead of one. This issue was patched in version 9.4.52, 10.0.16, 11.0.16 and 12.0.0-beta2.
Severity ?
CWE
- CWE-149 - Improper Neutralization of Quoting Syntax
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| eclipse | jetty.project |
Affected:
>= 9.0.0, <= 9.4.51
Affected: >= 10.0.0, <= 10.0.15 Affected: >= 11.0.0, <= 11.0.15 Affected: <= 12.0.0-beta1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:45:57.116Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-3gh6-v5v9-6v9j",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-3gh6-v5v9-6v9j"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9516",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/pull/9516"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9888",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/pull/9888"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9889",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/pull/9889"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5507"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00039.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-36479",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T15:04:27.724025Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-18T14:41:11.113Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "jetty.project",
"vendor": "eclipse",
"versions": [
{
"status": "affected",
"version": "\u003e= 9.0.0, \u003c= 9.4.51"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c= 10.0.15"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c= 11.0.15"
},
{
"status": "affected",
"version": "\u003c= 12.0.0-beta1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Eclipse Jetty Canonical Repository is the canonical repository for the Jetty project. Users of the CgiServlet with a very specific command structure may have the wrong command executed. If a user sends a request to a org.eclipse.jetty.servlets.CGI Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the original binary name provided by the user contains a quotation mark followed by a space, the resulting command line will contain multiple tokens instead of one. This issue was patched in version 9.4.52, 10.0.16, 11.0.16 and 12.0.0-beta2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-149",
"description": "CWE-149: Improper Neutralization of Quoting Syntax",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-30T14:06:17.561Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-3gh6-v5v9-6v9j",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-3gh6-v5v9-6v9j"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9516",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/pull/9516"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9888",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/pull/9888"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9889",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/pull/9889"
},
{
"url": "https://www.debian.org/security/2023/dsa-5507"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00039.html"
}
],
"source": {
"advisory": "GHSA-3gh6-v5v9-6v9j",
"discovery": "UNKNOWN"
},
"title": "Jetty vulnerable to errant command quoting in CGI Servlet"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-36479",
"datePublished": "2023-09-15T18:37:35.948Z",
"dateReserved": "2023-06-21T18:50:41.704Z",
"dateUpdated": "2025-06-18T14:41:11.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26049 (GCVE-0-2023-26049)
Vulnerability from cvelistv5 – Published: 2023-04-18 20:35 – Updated: 2025-02-13 16:44
VLAI?
Title
Cookie parsing of quoted values can exfiltrate values from other cookies in Eclipse Jetty
Summary
Jetty is a java based web server and servlet engine. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE="b; JSESSIONID=1337; c=d"` will be parsed as one cookie, with the name DISPLAY_LANGUAGE and a value of b; JSESSIONID=1337; c=d instead of 3 separate cookies. This has security implications because if, say, JSESSIONID is an HttpOnly cookie, and the DISPLAY_LANGUAGE cookie value is rendered on the page, an attacker can smuggle the JSESSIONID cookie into the DISPLAY_LANGUAGE cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server or its logging system. This issue has been addressed in versions 9.4.51, 10.0.14, 11.0.14, and 12.0.0.beta0 and users are advised to upgrade. There are no known workarounds for this issue.
Severity ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| eclipse | jetty.project |
Affected:
< 9.4.51
Affected: >= 10.0.0, < 10.0.14 Affected: >= 11.0.0, < 11.0.14 Affected: >= 12.0.0.alpha0, < 12.0.0.beta0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:39:06.483Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9339",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/pull/9339"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9352",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/pull/9352"
},
{
"name": "https://www.rfc-editor.org/rfc/rfc2965",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.rfc-editor.org/rfc/rfc2965"
},
{
"name": "https://www.rfc-editor.org/rfc/rfc6265",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.rfc-editor.org/rfc/rfc6265"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230526-0001/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5507"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00039.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "jetty.project",
"vendor": "eclipse",
"versions": [
{
"status": "affected",
"version": "\u003c 9.4.51"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.0.14"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.0.14"
},
{
"status": "affected",
"version": "\u003e= 12.0.0.alpha0, \u003c 12.0.0.beta0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jetty is a java based web server and servlet engine. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `\"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE=\"b; JSESSIONID=1337; c=d\"` will be parsed as one cookie, with the name DISPLAY_LANGUAGE and a value of b; JSESSIONID=1337; c=d instead of 3 separate cookies. This has security implications because if, say, JSESSIONID is an HttpOnly cookie, and the DISPLAY_LANGUAGE cookie value is rendered on the page, an attacker can smuggle the JSESSIONID cookie into the DISPLAY_LANGUAGE cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server or its logging system. This issue has been addressed in versions 9.4.51, 10.0.14, 11.0.14, and 12.0.0.beta0 and users are advised to upgrade. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-30T14:06:15.732Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9339",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/pull/9339"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9352",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/pull/9352"
},
{
"name": "https://www.rfc-editor.org/rfc/rfc2965",
"tags": [
"x_refsource_MISC"
],
"url": "https://www.rfc-editor.org/rfc/rfc2965"
},
{
"name": "https://www.rfc-editor.org/rfc/rfc6265",
"tags": [
"x_refsource_MISC"
],
"url": "https://www.rfc-editor.org/rfc/rfc6265"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230526-0001/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5507"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00039.html"
}
],
"source": {
"advisory": "GHSA-p26g-97m4-6q7c",
"discovery": "UNKNOWN"
},
"title": "Cookie parsing of quoted values can exfiltrate values from other cookies in Eclipse Jetty"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-26049",
"datePublished": "2023-04-18T20:35:36.506Z",
"dateReserved": "2023-02-17T22:44:03.150Z",
"dateUpdated": "2025-02-13T16:44:44.710Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26048 (GCVE-0-2023-26048)
Vulnerability from cvelistv5 – Published: 2023-04-18 20:30 – Updated: 2025-02-13 16:44
VLAI?
Title
OutOfMemoryError for large multipart without filename in Eclipse Jetty
Summary
Jetty is a java based web server and servlet engine. In affected versions servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. This issue has been patched in versions 9.4.51, 10.0.14, and 11.0.14. Users are advised to upgrade. Users unable to upgrade may set the multipart parameter `maxRequestSize` which must be set to a non-negative value, so the whole multipart content is limited (although still read into memory).
Severity ?
5.3 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| eclipse | jetty.project |
Affected:
< 9.4.51
Affected: >= 10.0.0, < 10.0.14 Affected: >= 11.0.0, < 11.0.14 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:39:06.487Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-qw69-rqj8-6qw8",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-qw69-rqj8-6qw8"
},
{
"name": "https://github.com/eclipse/jetty.project/issues/9076",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/issues/9076"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9344",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/pull/9344"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9345",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/pull/9345"
},
{
"name": "https://github.com/jakartaee/servlet/blob/6.0.0/spec/src/main/asciidoc/servlet-spec-body.adoc#32-file-upload",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/jakartaee/servlet/blob/6.0.0/spec/src/main/asciidoc/servlet-spec-body.adoc#32-file-upload"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230526-0001/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5507"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00039.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26048",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T19:43:53.088439Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T15:59:53.627Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "jetty.project",
"vendor": "eclipse",
"versions": [
{
"status": "affected",
"version": "\u003c 9.4.51"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.0.14"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.0.14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jetty is a java based web server and servlet engine. In affected versions servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. This issue has been patched in versions 9.4.51, 10.0.14, and 11.0.14. Users are advised to upgrade. Users unable to upgrade may set the multipart parameter `maxRequestSize` which must be set to a non-negative value, so the whole multipart content is limited (although still read into memory)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-30T14:06:13.823Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-qw69-rqj8-6qw8",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-qw69-rqj8-6qw8"
},
{
"name": "https://github.com/eclipse/jetty.project/issues/9076",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/issues/9076"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9344",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/pull/9344"
},
{
"name": "https://github.com/eclipse/jetty.project/pull/9345",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/jetty.project/pull/9345"
},
{
"name": "https://github.com/jakartaee/servlet/blob/6.0.0/spec/src/main/asciidoc/servlet-spec-body.adoc#32-file-upload",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jakartaee/servlet/blob/6.0.0/spec/src/main/asciidoc/servlet-spec-body.adoc#32-file-upload"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230526-0001/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5507"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00039.html"
}
],
"source": {
"advisory": "GHSA-qw69-rqj8-6qw8",
"discovery": "UNKNOWN"
},
"title": "OutOfMemoryError for large multipart without filename in Eclipse Jetty"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-26048",
"datePublished": "2023-04-18T20:30:20.420Z",
"dateReserved": "2023-02-17T22:44:03.150Z",
"dateUpdated": "2025-02-13T16:44:44.177Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}