Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Jetty Improper Input Validation Vulnerability - CVE-2022-2047 - Vulnerability Database
Jetty

Jetty Improper Input Validation Vulnerability - CVE-2022-2047

Low
Reference: CVE-2022-2047
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2022-2047
Title: Jetty Improper Input Validation Vulnerability
Overview:

In Eclipse Jetty versions 9.4.0 thru 9.4.46 and 10.0.0 thru 10.0.9 and 11.0.0 thru 11.0.9 versions the parsing of the authority segment of an http scheme URI the Jetty HttpURI class improperly detects an invalid input as a hostname. This can lead to failures in a Proxy scenario.