Описание
Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing.
The HttpURI class does insufficient validation on the authority segment of a URI. However the behaviour of HttpURI
differs from the common browsers in how it handles a URI that would be
considered invalid if fully validated against the RRC. Specifically HttpURI
and the browser may differ on the value of the host extracted from an
invalid URI and thus a combination of Jetty and a vulnerable browser may
be vulnerable to a open redirect attack or to a SSRF attack if the URI
is used after passing validation checks.
A flaw was found in Jetty. The HttpURI class performs insufficient validation on the authority segment of a URI. The HttpURI and the browser may differ on the value of the host extracted from an invalid URI. This combination of Jetty and a vulnerable browser may be vulnerable to an open redirect attack or an SSRF attack if the URI is used after passing validation checks.
Отчет
For this attack to work, you would require the victim to have a vulnerable browser on top of that the URI being used after insufficient validation, all of which makes this a low-severity flaw.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| AMQ Clients | org.eclipse.jetty/jetty-http | Fix deferred | ||
| A-MQ Clients 2 | org.eclipse.jetty/jetty-http | Fix deferred | ||
| OpenShift Serverless | org.eclipse.jetty/jetty-http | Fix deferred | ||
| Red Hat AMQ Broker 7 | org.eclipse.jetty/jetty-http | Affected | ||
| Red Hat build of Apache Camel 4 for Quarkus 3 | org.eclipse.jetty/jetty-http | Fix deferred | ||
| Red Hat build of Apache Camel for Spring Boot 3 | org.eclipse.jetty/jetty-http | Fix deferred | ||
| Red Hat build of Apache Camel for Spring Boot 4 | org.eclipse.jetty/jetty-http | Fix deferred | ||
| Red Hat build of Apache Camel - HawtIO 4 | org.eclipse.jetty/jetty-http | Fix deferred | ||
| Red Hat build of Apicurio Registry 2 | org.eclipse.jetty/jetty-http | Fix deferred | ||
| Red Hat build of Debezium 2 | org.eclipse.jetty/jetty-http | Fix deferred |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
EPSS
3.7 Low
CVSS3
Связанные уязвимости
Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing. The HttpURI class does insufficient validation on the authority segment of a URI. However the behaviour of HttpURI differs from the common browsers in how it handles a URI that would be considered invalid if fully validated against the RRC. Specifically HttpURI and the browser may differ on the value of the host extracted from an invalid URI and thus a combination of Jetty and a vulnerable browser may be vulnerable to a open redirect attack or to a SSRF attack if the URI is used after passing validation checks.
Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing. The HttpURI class does insufficient validation on the authority segment of a URI. However the behaviour of HttpURI differs from the common browsers in how it handles a URI that would be considered invalid if fully validated against the RRC. Specifically HttpURI and the browser may differ on the value of the host extracted from an invalid URI and thus a combination of Jetty and a vulnerable browser may be vulnerable to a open redirect attack or to a SSRF attack if the URI is used after passing validation checks.
Eclipse Jetty is a lightweight, highly scalable, Java-based web server ...
Уязвимость класса HttpURI контейнера сервлетов Eclipse Jetty, позволяющая нарушителю осуществить SSRF-атаку
EPSS
3.7 Low
CVSS3