Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-40167

Опубликовано: 15 сент. 2023
Источник: nvd
CVSS3: 5.3
EPSS Низкий

Описание

Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts the + character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. Versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1 contain a patch for this issue. There is no workaround as there is no known exploit scenario.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*
Версия от 9.0.0 (включая) до 9.4.52 (исключая)
cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*
Версия от 10.0.0 (включая) до 10.0.16 (исключая)
cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*
Версия от 11.0.0 (включая) до 11.0.16 (исключая)
cpe:2.3:a:eclipse:jetty:12.0.0:-:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:12.0.0:beta0:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:12.0.0:beta1:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:12.0.0:beta2:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:12.0.0:beta3:*:*:*:*:*:*
cpe:2.3:a:eclipse:jetty:12.0.0:beta4:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*

EPSS

Процентиль: 88%
0.03921
Низкий

5.3 Medium

CVSS3

Дефекты

CWE-130
NVD-CWE-noinfo

Связанные уязвимости

ubuntu логотип

CVE-2023-40167

CVSS3: 5.3
ubuntu
почти 2 года назад

Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts the `+` character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. Versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1 contain a patch for this issue. There is no workaround as there is no known exploit scenario.

redhat логотип

CVE-2023-40167

CVSS3: 5.3
redhat
почти 2 года назад

Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts the `+` character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. Versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1 contain a patch for this issue. There is no workaround as there is no known exploit scenario.

debian логотип

CVE-2023-40167

CVSS3: 5.3
debian
почти 2 года назад

Jetty is a Java based web server and servlet engine. Prior to versions ...

github логотип

GHSA-hmr7-m48g-48f6

CVSS3: 5.3
github
почти 2 года назад

Jetty accepts "+" prefixed value in Content-Length

fstec логотип

BDU:2024-02254

CVSS3: 5.3
fstec
больше 1 года назад

Уязвимость контейнера сервлетов Eclipse Jetty, связанная с ошибками при обработке параметров длины входных данных, позволяющая нарушителю выполнять атаку «контрабанда HTTP-запросов»

EPSS

Процентиль: 88%
0.03921
Низкий

5.3 Medium

CVSS3

Дефекты

CWE-130
NVD-CWE-noinfo