Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4
CVSSv2

CVE-2022-2047

Published: 07/07/2022 Updated: 25/10/2022
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 2.7 | Impact Score: 1.4 | Exploitability Score: 1.2
VMScore: 357
Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N
Subscribe to Jetty

Vulnerability Summary

In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. This can lead to failures in a Proxy scenario.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

eclipse jetty

debian debian linux 10.0

debian debian linux 11.0

netapp snapcenter -

netapp hci compute node -

netapp solidfire \\& hci storage node -

netapp element plug-in for vcenter server -

netapp management services for element software and netapp hci -

Vendor Advisories

Red Hat: Important: Red Hat AMQ Broker 7.11.0 release and security update
Synopsis Important: Red Hat AMQ Broker 7110 release and security update Type/Severity Security Advisory: Important Topic Red Hat AMQ Broker 7110 is now available from the Red Hat Customer PortalRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, ...
Red Hat: Moderate: Red Hat AMQ Streams 2.3.0 release and security update
Synopsis Moderate: Red Hat AMQ Streams 230 release and security update Type/Severity Security Advisory: Moderate Topic Red Hat AMQ Streams 230 is now available from the Red Hat Customer PortalRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, wh ...
Debian Security Advisories: DSA-5198-1 jetty9 -- security update
Two security vulnerabilities were discovered in Jetty, a Java servlet engine and webserver CVE-2022-2047 In Eclipse Jetty the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname This can lead to failures in a Proxy scenario CVE-2022-2048 In Eclipse Jet ...
Hitachi Security Advisories: Multiple Vulnerabilities in Hitachi Ops Center Analyzer, Hitachi Ops Center Analyzer viewpoint and Hitachi Ops Center Viewpoint
Hitachi Ops Center Analyzer contains the following vulnerabilities: CVE-2022-2047, CVE-2022-2048 Hitachi Ops Center Analyzer viewpoint contains the following vulnerability: CVE-2022-41862 Hitachi Ops Center Viewpoint contains the following vulnerabilities: CVE-2022-41862, CVE-2022-41881, CVE-2022-41915 Affected products and versions ...

References

CWE-20https://github.com/eclipse/jetty.project/security/advisories/GHSA-cj7v-27pg-wf7qhttps://www.debian.org/security/2022/dsa-5198https://lists.debian.org/debian-lts-announce/2022/08/msg00011.htmlhttps://security.netapp.com/advisory/ntap-20220901-0006/https://access.redhat.com/errata/RHSA-2023:1661https://nvd.nist.govhttps://www.debian.org/security/2022/dsa-5198
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322CVE-2006-4304wirelessCVE-2023-23022local file inclusionCVE-2024-27058CVE-2024-33820open redirectCVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook