what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

CVE-2020-13956

Status Candidate

Overview

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.

Related Files

Red Hat Security Advisory 2023-3954-01
Posted Jun 30, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3954-01 - This release of Red Hat Fuse 7.12 serves as a replacement for Red Hat Fuse 7.11 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. Issues addressed include bypass, code execution, denial of service, information leakage, resource exhaustion, server-side request forgery, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2012-5783, CVE-2020-13956, CVE-2022-24785, CVE-2022-31692, CVE-2022-36437, CVE-2022-38398, CVE-2022-38648, CVE-2022-40146, CVE-2022-41704, CVE-2022-41854, CVE-2022-41881, CVE-2022-41940, CVE-2022-41946, CVE-2022-41966
SHA-256 | b9ad17c0639a99e73879d0ac2298fc210c934f52c497fb63d77d3a07270b9229
Red Hat Security Advisory 2022-1861-01
Posted May 11, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1861-01 - Maven is a software project management and comprehension tool. Based on the concept of a project object model, Maven can manage a project's build, reporting and documentation from a central piece of information.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-13956
SHA-256 | 249a471578a0e166c1bf04bd49be0dfb3e83c87515228add2979407259b40218
Red Hat Security Advisory 2022-1860-01
Posted May 11, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1860-01 - Maven is a software project management and comprehension tool. Based on the concept of a project object model, Maven can manage a project's build, reporting and documentation from a central piece of information.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-13956
SHA-256 | 3239befea7b91666f485804919d12cde6e538daab8845b6a2dc1641c6371518f
Red Hat Security Advisory 2022-0722-01
Posted Mar 2, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0722-01 - HttpClient is a HTTP/1.1 compliant HTTP agent implementation based on httpcomponents HttpCore. It also provides reusable components for client-side authentication, HTTP state management, and HTTP connection management.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-13956
SHA-256 | f75a0e9ebc853f15888fcd87bfcfbe518c5928674c9ccf9cbb4c4d1b26741c89
Red Hat Security Advisory 2021-4100-01
Posted Nov 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4100-01 - This release of Red Hat Integration - Service registry 2.0.2.GA serves as a replacement for 2.0.1.GA, and includes the below security fixes. Issues addressed include a cross site scripting vulnerability.

tags | advisory, registry, xss
systems | linux, redhat
advisories | CVE-2020-13956, CVE-2021-20289, CVE-2021-20293
SHA-256 | deae863e269d799eb30005e5bf746b6f54654a78cb414a871c14378bede66a03
Red Hat Security Advisory 2021-3700-01
Posted Sep 30, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3700-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.9.0 serves as a replacement for Red Hat AMQ Broker 7.8.2, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include bypass, denial of service, information leakage, resource exhaustion, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2020-13956, CVE-2020-27223, CVE-2021-20289, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-28163, CVE-2021-28164, CVE-2021-28165, CVE-2021-28169, CVE-2021-29425, CVE-2021-3425, CVE-2021-34428, CVE-2021-34429, CVE-2021-3763
SHA-256 | a8a12dcc50fccbe685347bca1c58d45fbfe797cf6ab2e35bef81923f2d3fef9b
Red Hat Security Advisory 2021-3140-01
Posted Aug 12, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3140-01 - This release of Red Hat Fuse 7.9.0 serves as a replacement for Red Hat Fuse 7.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, bypass, code execution, cross site scripting, denial of service, deserialization, information leakage, man-in-the-middle, memory leak, resource exhaustion, server-side request forgery, remote SQL injection, and traversal vulnerabilities.

tags | advisory, remote, web, denial of service, vulnerability, code execution, xss, sql injection, memory leak
systems | linux, redhat
advisories | CVE-2017-18640, CVE-2017-5645, CVE-2019-12402, CVE-2019-14887, CVE-2019-16869, CVE-2019-20445, CVE-2020-10688, CVE-2020-10693, CVE-2020-10714, CVE-2020-10719, CVE-2020-11996, CVE-2020-13920, CVE-2020-13934, CVE-2020-13935, CVE-2020-13936, CVE-2020-13954, CVE-2020-13956, CVE-2020-14040, CVE-2020-14297, CVE-2020-14338, CVE-2020-14340, CVE-2020-1695, CVE-2020-17510, CVE-2020-17518, CVE-2020-1925, CVE-2020-1935, CVE-2020-1938
SHA-256 | 7b87634aaeff995c7acbe482688b36f551a706a54a262f6607bd35c528818502
Red Hat Security Advisory 2021-1044-01
Posted Mar 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1044-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management, and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This release of Red Hat Process Automation Manager 7.10.1 serves as an update to Red Hat Process Automation Manager 7.10.0, and includes bug fixes, which are documented in the Release Notes document linked to in the References.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-13956, CVE-2020-9488
SHA-256 | 797bd042bd64f6d3fc9fc559347999470fa3a64e11160e24236ffa68caed892f
Red Hat Security Advisory 2021-0811-01
Posted Mar 12, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0811-01 - This release of Red Hat Integration - Camel K - Tech-Preview 3 serves as a replacement for tech-preview 2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include XML injection and man-in-the-middle vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2020-13946, CVE-2020-13956, CVE-2020-25649
SHA-256 | c28667fc0da99f8d9f7d95ddffa82106e756d05bf694491cc1ef1780fba154b5
Red Hat Security Advisory 2021-0603-01
Posted Feb 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0603-01 - Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. This release of Red Hat Decision Manager 7.10.0 serves as an update to Red Hat Decision Manager 7.9.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
systems | linux, redhat
advisories | CVE-2020-13956, CVE-2020-14338, CVE-2020-25638, CVE-2020-9488
SHA-256 | 9e5380638de7bd23fb712413abf091625b50472b11616e1726023c7df7b8c3ae
Red Hat Security Advisory 2021-0327-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0327-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.5 serves as a replacement for Red Hat Single Sign-On 7.4.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include memory leak and server-side request forgery vulnerabilities.

tags | advisory, web, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2020-10770, CVE-2020-13956, CVE-2020-25640, CVE-2020-25689, CVE-2020-27782
SHA-256 | 8f81203dda62d0a7764d4abbc2827cd3c4b8751aed3447f09505b8eb649e2c3d
Red Hat Security Advisory 2021-0247-01
Posted Jan 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0247-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include information leakage and memory leak vulnerabilities.

tags | advisory, java, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2020-13956, CVE-2020-25633, CVE-2020-25640, CVE-2020-25689, CVE-2020-27782, CVE-2020-27822
SHA-256 | 954c22895d4d43ebc7d04d74068c41bcf58a94e529087f70a90b02dc5e11ba55
Red Hat Security Advisory 2021-0246-01
Posted Jan 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0246-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include information leakage and memory leak vulnerabilities.

tags | advisory, java, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2020-13956, CVE-2020-25633, CVE-2020-25640, CVE-2020-25689, CVE-2020-27782, CVE-2020-27822
SHA-256 | cb45a9116f8565d6f731c13f91dd2417232bc99f8563e15b672f5d1af7cd6ff8
Red Hat Security Advisory 2021-0248-01
Posted Jan 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0248-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include information leakage and memory leak vulnerabilities.

tags | advisory, java, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2020-13956, CVE-2020-25633, CVE-2020-25640, CVE-2020-25689, CVE-2020-27782, CVE-2020-27822
SHA-256 | a7b3363c6b6f72bc7fece5a7e48270da6996930ad03e880fbc61c2e56c9ade57
Red Hat Security Advisory 2021-0250-01
Posted Jan 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0250-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include information leakage and memory leak vulnerabilities.

tags | advisory, java, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2020-13956, CVE-2020-25633, CVE-2020-25640, CVE-2020-25689, CVE-2020-27782, CVE-2020-27822
SHA-256 | 8bd49d64300ed4dc398964092fdea60bbe46f9adb4fa265e603cee33d0b13966
Red Hat Security Advisory 2021-0084-01
Posted Jan 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0084-01 - This release of Red Hat build of Quarkus 1.7.6 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-13956
SHA-256 | 18f5fab23675df87d9f8227d5d229f8dfb09639b1ef1c4d4a2834cc62e528559
Debian Security Advisory 4772-1
Posted Oct 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4772-1 - Priyank Nigam discovered that HttpComponents Client, a Java HTTP agent implementation, could misinterpret malformed authority component in a request URI and pick the wrong target host for request execution.

tags | advisory, java, web
systems | linux, debian
advisories | CVE-2020-13956
SHA-256 | 46abf040691fa579ed519644fab0546957e697a36931ae920f60979c9e201d25
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    19 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close