Candidate: CVE-2018-12536 PublicDate: 2018-06-27 17:29:00 UTC References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12536 https://bugs.eclipse.org/bugs/show_bug.cgi?id=535670 https://github.com/eclipse/jetty.project/issues/2560 Description: In Eclipse Jetty Server, all 9.x versions, on webapps deployed using default Error Handling, when an intentionally bad query arrives that doesn't match a dynamic url-pattern, and is eventually handled by the DefaultServlet's static file serving, the bad characters can trigger a java.nio.file.InvalidPathException which includes the full path to the base resource directory that the DefaultServlet and/or webapp is using. If this InvalidPathException is then handled by the default Error Handler, the InvalidPathException message is included in the error response, revealing the full server path to the requesting system. Ubuntu-Description: Notes: Bugs: Priority: low Discovered-by: Assigned-to: CVSS: nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N [5.3 MEDIUM] nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N [5.3 MEDIUM] Patches_jetty8: upstream_jetty8: not-affected (code not present) precise/esm_jetty8: DNE trusty_jetty8: ignored (out of standard support) trusty/esm_jetty8: not-affected (code not present) xenial_jetty8: not-affected (code not present) artful_jetty8: DNE bionic_jetty8: DNE cosmic_jetty8: DNE disco_jetty8: DNE eoan_jetty8: DNE focal_jetty8: DNE groovy_jetty8: DNE hirsute_jetty8: DNE impish_jetty8: DNE jammy_jetty8: DNE devel_jetty8: DNE Patches_jetty9: upstream: https://github.com/eclipse/jetty.project/pull/2561/commits/65de2c6690103212a933e5491fbe94d35fcdd498 upstream: https://github.com/eclipse/jetty.project/pull/2561/commits/ad4dceb1c08679baa2a6a64356fcde5309e13fd8 upstream_jetty9: released (9.2.25-1) precise/esm_jetty9: DNE trusty_jetty9: DNE trusty/esm_jetty9: DNE xenial_jetty9: ignored (end of standard support, was needed) artful_jetty9: ignored (reached end-of-life) bionic_jetty9: not-affected (9.2.25-1) cosmic_jetty9: not-affected (9.2.25-1) disco_jetty9: not-affected (9.2.25-1) eoan_jetty9: not-affected (9.2.25-1) focal_jetty9: not-affected (9.2.25-1) groovy_jetty9: not-affected (9.2.25-1) hirsute_jetty9: not-affected (9.2.25-1) impish_jetty9: not-affected (9.2.25-1) jammy_jetty9: not-affected (9.2.25-1) devel_jetty9: not-affected (9.2.25-1)