Skip to main content

Eclipse Grizzly EUVDEUVD-2026-43641

| CVE-2026-12606 MEDIUM
HTTP Request/Response Smuggling (CWE-444)
2026-07-14 eclipse GHSA-c269-4hpf-qfhc
6.3
CVSS 4.0 · Vendor: eclipse
Share

Severity by source

Vendor (eclipse) PRIMARY
6.3 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
5.4 MEDIUM

Requires proxy-backend topology for effective smuggling (AC:H); scope changes as attacker affects other users' sessions (S:C); limited confidentiality and integrity impact align with request smuggling primitives.

3.1 AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
4.0 AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N

Primary rating from Vendor (eclipse).

CVSS VectorVendor: eclipse

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

2
Patch available
Jul 14, 2026 - 11:17 EUVD
Analysis Generated
Jul 14, 2026 - 09:31 vuln.today

DescriptionCVE.org

Eclipse Grizzly in versions before 5.0.2, cannot properly parse the trailer section in malformed trailer header's line, which can be leveraged to perform HTTP request smuggling.

AnalysisAI

HTTP request smuggling in Eclipse Grizzly before 5.0.2 stems from the framework's inability to correctly parse malformed trailer header lines in chunked HTTP requests, enabling CWE-444 boundary-confusion attacks. Remote unauthenticated attackers who can send crafted chunked requests through a front-end proxy to a GlassFish-backed server can cause the proxy and Grizzly to disagree on request boundaries, smuggling attacker-controlled content as the prefix of a subsequent legitimate user's request. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Recon
Identify GlassFish behind reverse proxy
Delivery
Craft chunked HTTP request with malformed trailer header
Exploit
Send to front-end proxy
Install
Proxy forwards as single request
C2
Grizzly misparses trailer boundary as new request
Execute
Smuggled payload prepended to next victim request
Impact
Attacker content processed under victim's session

Vulnerability AssessmentAI

Exploitation Exploitation is most effective when GlassFish with a vulnerable Grizzly version is deployed behind a reverse proxy or load balancer (e.g., nginx, HAProxy, Apache httpd) that forwards HTTP/1.1 chunked requests - this is the architectural condition implied by the CVSS 4.0 AT:P (Attack Requirements: Present) flag. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 score of 6.3 with vector AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N reflects network reachability without authentication, but the AT:P (Attack Requirements: Present) flag depresses the score significantly - effective HTTP request smuggling requires a specific intermediary topology (a proxy or load balancer in the request path that interprets chunked trailers differently from Grizzly). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An unauthenticated attacker sends a crafted HTTP/1.1 request with chunked transfer-encoding and a deliberately malformed trailer header line to a reverse proxy fronting a GlassFish server. The proxy treats the entire payload as one request and forwards it, while Grizzly - due to the parser flaw - splits it into two at the malformed trailer boundary. …
Remediation Upgrade Eclipse Grizzly to version 5.0.2 or later, as stated in the CVE description as the fixed release. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-43641 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy