Vulnerabilities > CVE-2022-2048

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
eclipse
debian
netapp
jenkins

Summary

In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left to process good requests.

Vulnerable Configurations

Part Description Count
Application
Eclipse
602
Application
Netapp
4
Application
Jenkins
2014
OS
Debian
2
Hardware
Netapp
1