{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-1948", "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c", "state": "PUBLISHED", "assignerShortName": "eclipse", "dateReserved": "2025-03-04T13:55:56.722Z", "datePublished": "2025-05-08T17:48:40.831Z", "dateUpdated": "2025-05-08T18:31:44.196Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Jetty", "vendor": "Eclipse Foundation", "versions": [{"lessThanOrEqual": "12.0.16", "status": "affected", "version": "12.0.0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "In Eclipse Jetty versions 12.0.0 to 12.0.16 included, an HTTP/2 client can specify a very large value for the HTTP/2 settings parameter SETTINGS_MAX_HEADER_LIST_SIZE.\nThe Jetty HTTP/2 server does not perform validation on this setting, and tries to allocate a ByteBuffer of the specified capacity to encode HTTP responses, likely resulting in OutOfMemoryError being thrown, or even the JVM process exiting."}], "value": "In Eclipse Jetty versions 12.0.0 to 12.0.16 included, an HTTP/2 client can specify a very large value for the HTTP/2 settings parameter SETTINGS_MAX_HEADER_LIST_SIZE.\nThe Jetty HTTP/2 server does not perform validation on this setting, and tries to allocate a ByteBuffer of the specified capacity to encode HTTP responses, likely resulting in OutOfMemoryError being thrown, or even the JVM process exiting."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c", "shortName": "eclipse", "dateUpdated": "2025-05-08T17:48:40.831Z"}, "references": [{"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/56"}, {"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-889j-63jv-qhr8"}], "source": {"discovery": "UNKNOWN"}, "title": "Eclipse Jetty HTTP clients can increase memory allocation", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-08T18:31:29.735282Z", "id": "CVE-2025-1948", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-08T18:31:44.196Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-1948", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-05-08T18:31:29.735282Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-08T18:31:35.426Z"}}], "cna": {"title": "Eclipse Jetty HTTP clients can increase memory allocation", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Eclipse Foundation", "product": "Jetty", "versions": [{"status": "affected", "version": "12.0.0", "versionType": "semver", "lessThanOrEqual": "12.0.16"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/56"}, {"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-889j-63jv-qhr8"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "In Eclipse Jetty versions 12.0.0 to 12.0.16 included, an HTTP/2 client can specify a very large value for the HTTP/2 settings parameter SETTINGS_MAX_HEADER_LIST_SIZE.\nThe Jetty HTTP/2 server does not perform validation on this setting, and tries to allocate a ByteBuffer of the specified capacity to encode HTTP responses, likely resulting in OutOfMemoryError being thrown, or even the JVM process exiting.", "supportingMedia": [{"type": "text/html", "value": "In Eclipse Jetty versions 12.0.0 to 12.0.16 included, an HTTP/2 client can specify a very large value for the HTTP/2 settings parameter SETTINGS_MAX_HEADER_LIST_SIZE.\nThe Jetty HTTP/2 server does not perform validation on this setting, and tries to allocate a ByteBuffer of the specified capacity to encode HTTP responses, likely resulting in OutOfMemoryError being thrown, or even the JVM process exiting.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption"}]}], "providerMetadata": {"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c", "shortName": "eclipse", "dateUpdated": "2025-05-08T17:48:40.831Z"}}}, "cveMetadata": {"cveId": "CVE-2025-1948", "state": "PUBLISHED", "dateUpdated": "2025-05-08T18:31:44.196Z", "dateReserved": "2025-03-04T13:55:56.722Z", "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c", "datePublished": "2025-05-08T17:48:40.831Z", "assignerShortName": "eclipse"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*", "matchCriteriaId": "A612F5DB-932C-4262-BEC8-2F4182E16F44", "versionEndExcluding": "12.0.17", "versionStartIncluding": "12.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In Eclipse Jetty versions 12.0.0 to 12.0.16 included, an HTTP/2 client can specify a very large value for the HTTP/2 settings parameter SETTINGS_MAX_HEADER_LIST_SIZE.\nThe Jetty HTTP/2 server does not perform validation on this setting, and tries to allocate a ByteBuffer of the specified capacity to encode HTTP responses, likely resulting in OutOfMemoryError being thrown, or even the JVM process exiting."}, {"lang": "es", "value": "En las versiones 12.0.0 a 12.0.16 de Eclipse Jetty, un cliente HTTP/2 puede especificar un valor muy alto para el par\u00e1metro de configuraci\u00f3n HTTP/2 SETTINGS_MAX_HEADER_LIST_SIZE. El servidor HTTP/2 de Jetty no valida esta configuraci\u00f3n e intenta asignar un ByteBuffer con la capacidad especificada para codificar las respuestas HTTP, lo que probablemente genere un error OutOfMemoryError o incluso la salida del proceso JVM."}], "id": "CVE-2025-1948", "lastModified": "2025-07-31T16:28:26.603", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "emo@eclipse.org", "type": "Secondary"}]}, "published": "2025-05-08T18:15:41.990", "references": [{"source": "emo@eclipse.org", "tags": ["Vendor Advisory"], "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-889j-63jv-qhr8"}, {"source": "emo@eclipse.org", "tags": ["Issue Tracking"], "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/56"}], "sourceIdentifier": "emo@eclipse.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "emo@eclipse.org", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2025:10118", "cpe": "cpe:/a:redhat:ocp_tools:4.12::el8", "package": "jenkins-0:2.504.2.1750932984-3.el8", "product_name": "OCP-Tools-4.12-RHEL-8", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:10118", "cpe": "cpe:/a:redhat:ocp_tools:4.12::el8", "package": "jenkins-2-plugins-0:4.12.1750933270-1.el8", "product_name": "OCP-Tools-4.12-RHEL-8", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:10119", "cpe": "cpe:/a:redhat:ocp_tools:4.13::el8", "package": "jenkins-0:2.504.2.1750916374-3.el8", "product_name": "OCP-Tools-4.13-RHEL-8", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:10119", "cpe": "cpe:/a:redhat:ocp_tools:4.13::el8", "package": "jenkins-2-plugins-0:4.13.1750916671-1.el8", "product_name": "OCP-Tools-4.13-RHEL-8", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:10120", "cpe": "cpe:/a:redhat:ocp_tools:4.14::el8", "package": "jenkins-0:2.504.2.1750903189-3.el8", "product_name": "OCP-Tools-4.14-RHEL-8", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:10120", "cpe": "cpe:/a:redhat:ocp_tools:4.14::el8", "package": "jenkins-2-plugins-0:4.14.1750903529-1.el8", "product_name": "OCP-Tools-4.14-RHEL-8", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:10104", "cpe": "cpe:/a:redhat:ocp_tools:4.15::el8", "package": "jenkins-0:2.504.2.1750856366-3.el8", "product_name": "OCP-Tools-4.15-RHEL-8", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:10104", "cpe": "cpe:/a:redhat:ocp_tools:4.15::el8", "package": "jenkins-2-plugins-0:4.15.1750856638-1.el8", "product_name": "OCP-Tools-4.15-RHEL-8", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:10098", "cpe": "cpe:/a:redhat:ocp_tools:4.16::el9", "package": "jenkins-0:2.504.2.1750857144-3.el9", "product_name": "OCP-Tools-4.16-RHEL-9", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:10098", "cpe": "cpe:/a:redhat:ocp_tools:4.16::el9", "package": "jenkins-2-plugins-0:4.16.1750857315-1.el9", "product_name": "OCP-Tools-4.16-RHEL-9", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:10097", "cpe": "cpe:/a:redhat:ocp_tools:4.17::el9", "package": "jenkins-0:2.504.2.1750851690-3.el9", "product_name": "OCP-Tools-4.17-RHEL-9", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:10097", "cpe": "cpe:/a:redhat:ocp_tools:4.17::el9", "package": "jenkins-2-plugins-0:4.17.1750851950-1.el9", "product_name": "OCP-Tools-4.17-RHEL-9", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:10092", "cpe": "cpe:/a:redhat:ocp_tools:4.18::el9", "package": "jenkins-0:2.504.2.1750846524-3.el9", "product_name": "OCP-Tools-4.18-RHEL-9", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:10092", "cpe": "cpe:/a:redhat:ocp_tools:4.18::el9", "package": "jenkins-2-plugins-0:4.18.1750846854-1.el9", "product_name": "OCP-Tools-4.18-RHEL-9", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:7696", "cpe": "cpe:/a:redhat:apache_camel_spring_boot:4.10.3", "package": "jetty-http2-common", "product_name": "Red Hat build of Apache Camel 4.10.3 for Spring Boot", "release_date": "2025-05-15T00:00:00Z"}], "bugzilla": {"description": "jetty-http2-common: Jetty HTTP/2 Header List Size Vulnerability", "id": "2365137", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2365137"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-400", "details": ["In Eclipse Jetty versions 12.0.0 to 12.0.16 included, an HTTP/2 client can specify a very large value for the HTTP/2 settings parameter SETTINGS_MAX_HEADER_LIST_SIZE.\nThe Jetty HTTP/2 server does not perform validation on this setting, and tries to allocate a ByteBuffer of the specified capacity to encode HTTP responses, likely resulting in OutOfMemoryError being thrown, or even the JVM process exiting.", "A flaw was found in Eclipse Jetty. This vulnerability allows denial of service attack via an HTTP/2 client specifying a very large value for the SETTINGS_MAX_HEADER_LIST_SIZE parameter."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-1948", "public_date": "2025-05-08T17:48:40Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-1948\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-1948\nhttps://github.com/jetty/jetty.project/security/advisories/GHSA-889j-63jv-qhr8\nhttps://gitlab.eclipse.org/security/cve-assignement/-/issues/56"], "threat_severity": "Important"}