CVE-2025-11143

CVSS 3.7 · Low EPSS 0.10% · P27 Updated Mar 05, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-11143

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs. Differential parsing of URIs in systems using multiple components may result in security by-pass. For example a component that enforces a black list may interpret the URIs differently from one that generates a response. At the very least, differential parsing may divulge implementation details.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

输入验证不恰当

Source: NVD (National Vulnerability Database)

Vulnerability Title

Eclipse Jetty 输入验证错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Eclipse Jetty是Eclipse基金会的一个开源的、基于Java的Web服务器和Java Servlet容器。 Eclipse Jetty存在输入验证错误漏洞，该漏洞源于URI解析器与其他常见解析器存在差异，可能导致安全绕过或泄露实现细节。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Eclipse Foundation	Eclipse Jetty	9.4.0 ~ 9.4.58	-

II. Public POCs for CVE-2025-11143

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2025-11143

请登录查看更多情报信息。

https://nvd.nist.gov/vuln/detail/CVE-2025-11143

Same Patch Batch · Eclipse Foundation · 2026-03-05 · 3 CVEs total

CVE-2026-24457	9.1 CRITICAL	OpenMQ 安全漏洞
CVE-2026-1605	7.5 HIGH	Eclipse Jetty 安全漏洞

IV. Related Vulnerabilities

Same product: Eclipse Jetty

Same vendor: Eclipse Foundation

Same weakness: CWE-20

V. Comments for CVE-2025-11143

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2025-11143

I. Basic Information for CVE-2025-11143

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2025-11143

III. Intelligence Information for CVE-2025-11143

Same Patch Batch · Eclipse Foundation · 2026-03-05 · 3 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2025-11143

Leave a comment