Holger-Seemueller

Name of the Vulnerable Software and Affected Versions: Eclipse Hawkbit versions prior to 0.3.0M7 Description: The HTTP 404 (Not Found) JSON response body returned by the REST API may contain unsafe characters within the `path` attribute. Sending a POST request to a non-existing resource will return the full path from the given URL unescaped to the client. Recommendations: For Eclipse Hawkbit versions prior to 0.3.0M7, update to version 0.3.0M7 or later to resolve the issue. As a temporary workaround, consider restricting access to the REST API to minimize the risk of exploitation. Avoid sending POST requests to non-existing resources until the issue is resolved.