Moderate severityNVD Advisory· Published Jan 14, 2021· Updated Aug 4, 2024
CVE-2020-27219
CVE-2020-27219
Description
In all version of Eclipse Hawkbit prior to 0.3.0M7, the HTTP 404 (Not Found) JSON response body returned by the REST API may contain unsafe characters within the path attribute. Sending a POST request to a non existing resource will return the full path from the given URL unescaped to the client.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.eclipse.hawkbit:hawkbit-parentMaven | < 0.3.0M7 | 0.3.0M7 |
Affected products
2- The Eclipse Foundation/Eclipse Hawkbitv5Range: All versions prior 0.3.0M7
Patches
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
5- github.com/advisories/GHSA-rcvx-rmvf-mxchghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-27219ghsaADVISORY
- bugs.eclipse.org/bugs/show_bug.cgighsax_refsource_CONFIRMWEB
- github.com/eclipse/hawkbit/commit/94b7c12cde1b38eda5414bd88d6d068008cfb9f9ghsaWEB
- github.com/eclipse/hawkbit/issues/1067ghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.