Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2022-29631

Jodd HTTP v6.0.9 was discovered to contain multiple CLRF injection vulnerabilities via the components jodd.http.HttpRequest#set and `jodd.http.HttpRequest#send. These vulnerabilities allow attackers to execute Server-Side Request Forgery (SSRF) via a crafted TCP payload.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 11.5%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
Products affected by CVE-2022-29631
  • Jodd » Jodd Http » Version: 5.0
    cpe:2.3:a:jodd:jodd_http:5.0
  • Jodd » Jodd Http » Version: 6.0.1
    cpe:2.3:a:jodd:jodd_http:6.0.1
  • Jodd » Jodd Http » Version: 6.0.2
    cpe:2.3:a:jodd:jodd_http:6.0.2
  • Jodd » Jodd Http » Version: 6.0.3
    cpe:2.3:a:jodd:jodd_http:6.0.3
  • Jodd » Jodd Http » Version: 6.0.4
    cpe:2.3:a:jodd:jodd_http:6.0.4
  • Jodd » Jodd Http » Version: 6.0.5
    cpe:2.3:a:jodd:jodd_http:6.0.5
  • Jodd » Jodd Http » Version: 6.0.6
    cpe:2.3:a:jodd:jodd_http:6.0.6
  • Jodd » Jodd Http » Version: 6.0.7
    cpe:2.3:a:jodd:jodd_http:6.0.7
  • Jodd » Jodd Http » Version: 6.0.8
    cpe:2.3:a:jodd:jodd_http:6.0.8
  • Jodd » Jodd Http » Version: 6.0.9
    cpe:2.3:a:jodd:jodd_http:6.0.9
  • Jodd » Jodd Http » Version: 6.1.0
    cpe:2.3:a:jodd:jodd_http:6.1.0
  • Jodd » Jodd Http » Version: 6.2.0
    cpe:2.3:a:jodd:jodd_http:6.2.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved