{"vulnerability": "CVE-2024-2220", "sightings": [{"uuid": "67cef734-3e0f-4657-9389-20c1fb79a155", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22201", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3831", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-22201\n\ud83d\udd25 CVSS Score: 7.5 (CVSS_V3)\n\ud83d\udd39 Description: ### Impact\nIf an HTTP/2 connection gets TCP congested, when an idle timeout occurs the HTTP/2 session is marked as closed, and then a GOAWAY frame is queued to be written.\nHowever it is not written because the connection is TCP congested.\nWhen another idle timeout period elapses, it is then supposed to hard close the connection, but it delegates to the HTTP/2 session which reports that it has already been closed so it does not attempt to hard close the connection.\n\nThis leaves the connection in ESTABLISHED state (i.e. not closed), TCP congested, and idle.\n\nAn attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients.\n\nThe client may also be impacted (if the server does not read causing a TCP congestion), but the issue is more severe for servers.\n\n### Patches\nPatched versions:\n* 9.4.54\n* 10.0.20\n* 11.0.20\n* 12.0.6\n\n### Workarounds\nDisable HTTP/2 and HTTP/3 support until you can upgrade to a patched version of Jetty.\nHTTP/1.x is not affected.\n\n### References\n* https://github.com/jetty/jetty.project/issues/11256.\n\ud83d\udccf Published: 2024-02-26T20:13:46Z\n\ud83d\udccf Modified: 2025-02-07T20:44:34Z\n\ud83d\udd17 References:\n1. https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98\n2. https://nvd.nist.gov/vuln/detail/CVE-2024-22201\n3. https://github.com/jetty/jetty.project/issues/11256\n4. https://github.com/jetty/jetty.project/issues/11259\n5. https://github.com/jetty/jetty.project/commit/0839a208cdc3fcfe25206a77af59ba9fda260188\n6. https://github.com/jetty/jetty.project/commit/b953871c9a5ff4fbca4a2499848f75182dbd9810\n7. https://github.com/jetty/jetty.project\n8. https://lists.debian.org/debian-lts-announce/2024/04/msg00002.html\n9. https://security.netapp.com/advisory/ntap-20240329-0001\n10. http://www.openwall.com/lists/oss-security/2024/03/20/2", "creation_timestamp": "2025-02-07T21:03:04.000000Z"}, {"uuid": "89aa0f78-1395-472d-bcce-77391b5e0559", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22202", "type": "seen", "source": "https://t.me/ctinow/196463", "content": "https://ift.tt/QjYD53L\nCVE-2024-22202 | thorsten phpMyFAQ up to 3.2.4 access control (GHSA-6648-6g96-mg35)", "creation_timestamp": "2024-02-29T10:26:06.000000Z"}, {"uuid": "09efdbcb-0c47-45bd-8b88-d97700821f78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22207", "type": "seen", "source": "https://t.me/arpsyndicate/2918", "content": "#ExploitObserverAlert\n\nCVE-2024-22207\n\nDESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-22207. fastify-swagger-ui is a Fastify plugin for serving Swagger UI.  Prior to 2.1.0, the default configuration of `@fastify/swagger-ui` without `baseDir` set will lead to all files in the module's directory being exposed via http routes served by the module.  The vulnerability is fixed in v2.1.0. Setting the `baseDir` option can also work around this vulnerability.\n\nFIRST-EPSS: 0.000430000", "creation_timestamp": "2024-01-19T10:12:13.000000Z"}, {"uuid": "b9c5e5ed-2c8c-460d-bf94-d247144eb95f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22201", "type": "seen", "source": "https://t.me/arpsyndicate/4894", "content": "#ExploitObserverAlert\n\nCVE-2024-22201\n\nDESCRIPTION: Exploit Observer has 16 entries in 5 file formats related to CVE-2024-22201. Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The vulnerability is patched in 9.4.54, 10.0.20, 11.0.20, and 12.0.6.\n\nFIRST-EPSS: 0.000450000\nARPS-PRIORITY: 0.7705204", "creation_timestamp": "2024-04-26T06:09:04.000000Z"}, {"uuid": "d9603aa5-793b-4e2b-a484-70658309275b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22206", "type": "seen", "source": "https://t.me/arpsyndicate/2771", "content": "#ExploitObserverAlert\n\nCVE-2024-22206\n\nDESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-22206. Clerk helps developers build user management. Unauthorized access or privilege escalation due to a logic flaw in auth() in the App Router or getAuth() in the Pages Router. This vulnerability was patched in version 4.29.3.", "creation_timestamp": "2024-01-15T08:38:37.000000Z"}, {"uuid": "ea54f540-d8f9-450d-8129-13c8d7b0ccb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22209", "type": "seen", "source": "https://t.me/arpsyndicate/2858", "content": "#ExploitObserverAlert\n\nCVE-2024-22209\n\nDESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-22209. Open edX Platform is a service-oriented platform for authoring and delivering online learning. A user with a JWT and more limited scopes could call endpoints exceeding their access. This vulnerability has been patched in commit 019888f.", "creation_timestamp": "2024-01-16T14:47:24.000000Z"}, {"uuid": "dc16c6e6-e7db-4241-9834-f0047d3c4d37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22201", "type": "seen", "source": "https://t.me/ctinow/195456", "content": "https://ift.tt/ulgdGcV\nCVE-2024-22201 | Eclipse Jetty up to 9.4.53/10.0.19/11.0.19/12.0.5 HTTP/2 SSL resource consumption", "creation_timestamp": "2024-02-28T14:12:18.000000Z"}, {"uuid": "a046fddd-4c11-4eca-9cc1-25ac36db31f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22203", "type": "seen", "source": "https://t.me/ctinow/186866", "content": "https://ift.tt/s7IGx8j\nCVE-2024-22203 | benbusby whoogle-search up to 0.8.3 GET Request app/routes.py element src_type/element_url server-side request forgery (GHSL-2023-186)", "creation_timestamp": "2024-02-17T11:06:51.000000Z"}, {"uuid": "bcc94f47-973e-4645-b31b-e8eef909ca81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22201", "type": "seen", "source": "https://t.me/ctinow/193732", "content": "https://ift.tt/NVjaKE7\nCVE-2024-22201", "creation_timestamp": "2024-02-26T20:36:34.000000Z"}, {"uuid": "3f31c8b6-df8f-477d-b308-d90b2278b8e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22207", "type": "seen", "source": "https://t.me/ctinow/186447", "content": "https://ift.tt/r0TbhkD\nCVE-2024-22207 Node.js Vulnerability in NetApp Products", "creation_timestamp": "2024-02-16T15:31:54.000000Z"}, {"uuid": "858fa7ce-2bc5-4e7d-8594-a9eab4be6b51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22205", "type": "seen", "source": "https://t.me/ctinow/186865", "content": "https://ift.tt/PW4lfg0\nCVE-2024-22205 | benbusby whoogle-search up to 0.8.3 GET Request request.py send location server-side request forgery (GHSL-2023-186)", "creation_timestamp": "2024-02-17T11:06:50.000000Z"}, {"uuid": "0ef4b9ff-9d8d-487f-b151-4a7038457f41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22202", "type": "seen", "source": "https://t.me/ctinow/184206", "content": "https://ift.tt/36TBckS\nCVE-2024-22202 Exploit", "creation_timestamp": "2024-02-13T21:16:57.000000Z"}, {"uuid": "7a961858-a573-4572-a465-243efebc5916", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22200", "type": "seen", "source": "https://t.me/ctinow/190529", "content": "https://ift.tt/5TdznYc\nCVE-2024-22200 | vantage6-UI up to 4.1.x Nginx information disclosure (GHSA-8wxq-346h-xmr8)", "creation_timestamp": "2024-02-22T08:37:19.000000Z"}, {"uuid": "0ea0c9c7-9213-45f7-8208-c18a81f75576", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22208", "type": "seen", "source": "https://t.me/ctinow/183558", "content": "https://ift.tt/sam6kbS\nCVE-2024-22208 Exploit", "creation_timestamp": "2024-02-13T02:16:43.000000Z"}, {"uuid": "fcdb2844-2771-42f8-a089-4e6d33ee8c1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22208", "type": "seen", "source": "https://t.me/ctinow/179546", "content": "https://ift.tt/0Bgu5Vs\nCVE-2024-22208", "creation_timestamp": "2024-02-05T22:21:31.000000Z"}, {"uuid": "5de50e4d-fca5-424d-b3b6-1b8992d9a1f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22202", "type": "seen", "source": "https://t.me/ctinow/179515", "content": "https://ift.tt/ZRzoTE5\nCVE-2024-22202", "creation_timestamp": "2024-02-05T21:31:18.000000Z"}, {"uuid": "7d32319d-7d42-4cc4-b0eb-5b2a672b627e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22206", "type": "seen", "source": "https://t.me/ctinow/178357", "content": "https://ift.tt/tRLQlZS\nCVE-2024-22206 | clerk javascript up to 4.29.2 auth/getAuth authorization (GHSA-q6w5-jg5q-47vg)", "creation_timestamp": "2024-02-03T02:26:52.000000Z"}, {"uuid": "1aa1cd4e-2bfd-42f3-ae2a-55fa5c9f65ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22207", "type": "seen", "source": "https://t.me/ctinow/178554", "content": "https://ift.tt/jbsuZtF\nCVE-2024-22207 | fastify-swagger-ui up to 2.0.x insecure default initialization of resource", "creation_timestamp": "2024-02-03T14:21:17.000000Z"}, {"uuid": "5f459e89-394c-4bd8-b4ee-90821247d04d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22203", "type": "seen", "source": "https://t.me/ctinow/176188", "content": "https://ift.tt/9AMsmrN\nCVE-2024-22203 Exploit", "creation_timestamp": "2024-01-30T19:17:11.000000Z"}, {"uuid": "166478b4-a868-4ab2-9e64-3ba3ba1e3624", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22204", "type": "seen", "source": "https://t.me/ctinow/177963", "content": "https://ift.tt/e4hmEOY\nCVE-2024-22204 Exploit", "creation_timestamp": "2024-02-02T08:16:30.000000Z"}, {"uuid": "dbb3e481-2e5f-4435-a562-5ca1b0490b8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22206", "type": "seen", "source": "https://t.me/ctinow/167539", "content": "https://ift.tt/reKN9tV\nCVE-2024-22206", "creation_timestamp": "2024-01-12T21:32:11.000000Z"}, {"uuid": "c5640e0a-7c4c-4d27-9d57-80ac1d33af01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22205", "type": "seen", "source": "https://t.me/ctinow/176136", "content": "https://ift.tt/vrb3aAS\nCVE-2024-22205 Exploit", "creation_timestamp": "2024-01-30T18:16:58.000000Z"}, {"uuid": "defa2d49-f277-4ac0-a648-d4a45ffd05d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22200", "type": "seen", "source": "https://t.me/ctinow/176105", "content": "https://ift.tt/YM7of51\nCVE-2024-22200", "creation_timestamp": "2024-01-30T17:22:00.000000Z"}, {"uuid": "c6572cd2-7bc5-42aa-9f29-89e473875cc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22209", "type": "seen", "source": "https://t.me/ctinow/167770", "content": "https://ift.tt/LDyBChf\nCVE-2024-22209", "creation_timestamp": "2024-01-13T09:26:45.000000Z"}, {"uuid": "47860396-dfe8-4d73-97cb-d52ae97c9a1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22203", "type": "seen", "source": "https://t.me/ctinow/172246", "content": "https://ift.tt/eiApTzw\nCVE-2024-22203", "creation_timestamp": "2024-01-23T19:26:45.000000Z"}, {"uuid": "94dd35fa-d770-4d32-8d09-38874ddec4e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22207", "type": "seen", "source": "https://t.me/ctinow/168481", "content": "https://ift.tt/uDtIKH2\nCVE-2024-22207", "creation_timestamp": "2024-01-15T17:27:54.000000Z"}, {"uuid": "4b75df8d-b5fa-470f-96a9-37abb71d31c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22205", "type": "seen", "source": "https://t.me/ctinow/172248", "content": "https://ift.tt/D5ZM61H\nCVE-2024-22205", "creation_timestamp": "2024-01-23T19:26:47.000000Z"}, {"uuid": "5c2bf8b2-8895-49b7-bfac-b15b2eabf07d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22204", "type": "seen", "source": "https://t.me/ctinow/172247", "content": "https://ift.tt/eQKNwJW\nCVE-2024-22204", "creation_timestamp": "2024-01-23T19:26:46.000000Z"}, {"uuid": "201e8de1-dcda-420d-8ff0-af3f209263c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22209", "type": "seen", "source": "https://t.me/ctinow/178405", "content": "https://ift.tt/sT4kIfK\nCVE-2024-22209 | Open edX edx-platform Endpoint access control (GHSA-qx8m-mqx3-j9fm)", "creation_timestamp": "2024-02-03T07:11:02.000000Z"}]}