CVE-2022-2047

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-2047
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-2047.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-2047
Aliases
Downstream
Related
Published
2022-07-07T21:15:10.093Z
Modified
2026-01-30T23:23:18.655782Z
Severity
  • 2.7 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
Summary
[none]
Details

In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. This can lead to failures in a Proxy scenario.

References

Affected packages

Git / github.com/eclipse/jetty.project

Affected ranges

Type
GIT
Repo
https://github.com/eclipse/jetty.project
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
bc17a0369a11ecf40bb92c839b9ef0a8ac50ea18

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-2047.json"

Git / github.com/jetty/jetty.project

Affected ranges

Type
GIT
Repo
https://github.com/jetty/jetty.project
Events
Introduced
b9645a17373e4e9b7f30b6c0a07defcea2cb660b
Fixed
a9eaf8d5d73369acf610ce88f850c0d56c4b1113

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-2047.json"