
CVE-2021-20220

Status Candidate

Overview

A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web cache, perform an XSS attack, or obtain sensitive information from requests other than their own. The highest threat from this vulnerability is to data confidentiality and integrity.

Related Files

Red Hat Security Advisory 2021-2755-01
Posted Jul 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2755-01 - These are CVE issues filed against XP2 releases that have been fixed in the underlying EAP 7.3.x base, so no changes to the EAP XP2 code base. Issues addressed include bypass, code execution, cross site scripting, and information leakage vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-13936, CVE-2020-15522, CVE-2020-28052, CVE-2021-20220, CVE-2021-20250, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-3536
SHA-256 | 31ae69e9f08af4355de9d2d62aa94a61d534a59f0507a16500efa8303f69b4d5

Red Hat Security Advisory 2021-2210-01
Posted Jun 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2210-01 - These are CVE issues filed against XP1 releases that have been fixed in the underlying EAP 7.3.x base, so no changes to the EAP XP1 code base. Issues addressed include bypass, code execution, and information leakage vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2020-13936, CVE-2020-28052, CVE-2020-35510, CVE-2020-8908, CVE-2021-20220, CVE-2021-20250, CVE-2021-21290
SHA-256 | 9691b25285d178232646384c2b04af0fd9b63a9114c31e28a05a6df16be9db85

Red Hat Security Advisory 2021-0974-01
Posted Mar 23, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0974-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.6 serves as a replacement for Red Hat Single Sign-On 7.4.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass, cross site scripting, and information leakage vulnerabilities.

tags | advisory, web, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-14302, CVE-2020-28052, CVE-2020-35510, CVE-2020-7676, CVE-2020-8908, CVE-2021-20220, CVE-2021-20250
SHA-256 | a29ebb86ed3f629b8d17d5f63140e16c1e3254c288e5ab8c7b3344fd2d510611

Red Hat Security Advisory 2021-0873-01
Posted Mar 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0873-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and information leakage vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2020-10687, CVE-2020-28052, CVE-2020-35510, CVE-2020-8908, CVE-2021-20220, CVE-2021-20250
SHA-256 | 03dd741a96224d10d5592ded07625ec54a522bcee99d14d2435f5f27fe7e45cc

Red Hat Security Advisory 2021-0872-01
Posted Mar 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0872-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and information leakage vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2020-10687, CVE-2020-28052, CVE-2020-35510, CVE-2020-8908, CVE-2021-20220, CVE-2021-20250
SHA-256 | 092c2a41d2ff22c35f89bfa7f90744bf559cc3a1e3087742fb8107a9906c0fff

Red Hat Security Advisory 2021-0874-01
Posted Mar 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0874-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and information leakage vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2020-10687, CVE-2020-28052, CVE-2020-35510, CVE-2020-8908, CVE-2021-20220, CVE-2021-20250
SHA-256 | 7057f1aa47b78a2be4ceae5d05985366a1ffbdc077ba39f988cbf10582eb6a40

Red Hat Security Advisory 2021-0885-01
Posted Mar 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0885-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and information leakage vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2020-10687, CVE-2020-28052, CVE-2020-35510, CVE-2020-8908, CVE-2021-20220, CVE-2021-20250
SHA-256 | fa8005447bcf4f68bf4adcf5cf81b2249271d8d87d161e0ec0e9495ea67aadc8
© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close