#VU81726 Integer overflow in Jetty


Published: 2023-10-10 | Updated: 2023-10-12

Vulnerability identifier: #VU81726

Vulnerability risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-36478

CWE-ID: CWE-190

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Jetty
Server applications / Web servers

Vendor: Eclipse

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow in MetaDataBuilder.checkSize when handling HTTP/2 HPACK header values. A remote attacker can send specially crafted request to the server, trigger an integer overflow and crash the server.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Jetty: 9.4.0 - 11.0.15

External links
http://github.com/eclipse/jetty.project/security/advisories/GHSA-wgh7-54f2-x98r
http://github.com/jetty/jetty.project/security/advisories/GHSA-wgh7-54f2-x98r

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in HPE Telco IP Mediation E-Media
Multiple vulnerabilities in IBM Secure Proxy
Confluence Data Center and Server update for Jetty
Bamboo Data Center and Server update for Jetty
Bitbucket Data Center and Server update for Jetty
Integer overflow in IBM Operations Analytics - Log Analysis
Integer overflow in IBM Event Streams
Multiple vulnerabilities in IBM Secure External Authentication Server
Multiple vulnerabilities in IBM Cognos Dashboards on Cloud Pak for Data
Multiple vulnerabilities in IBM Cognos Analytics