exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2021-20220

Status Candidate

Overview

A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own. The highest threat from this vulnerability is to data confidentiality and integrity.

Related Files

Red Hat Security Advisory 2021-2755-01
Posted Jul 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2755-01 - These are CVE issues filed against XP2 releases that have been fixed in the underlying EAP 7.3.x base, so no changes to the EAP XP2 code base. Issues addressed include bypass, code execution, cross site scripting, and information leakage vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-13936, CVE-2020-15522, CVE-2020-28052, CVE-2021-20220, CVE-2021-20250, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-3536
SHA-256 | 31ae69e9f08af4355de9d2d62aa94a61d534a59f0507a16500efa8303f69b4d5
Red Hat Security Advisory 2021-2210-01
Posted Jun 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2210-01 - These are CVE issues filed against XP1 releases that have been fixed in the underlying EAP 7.3.x base, so no changes to the EAP XP1 code base. Issues addressed include bypass, code execution, and information leakage vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2020-13936, CVE-2020-28052, CVE-2020-35510, CVE-2020-8908, CVE-2021-20220, CVE-2021-20250, CVE-2021-21290
SHA-256 | 9691b25285d178232646384c2b04af0fd9b63a9114c31e28a05a6df16be9db85
Red Hat Security Advisory 2021-0974-01
Posted Mar 23, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0974-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.6 serves as a replacement for Red Hat Single Sign-On 7.4.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass, cross site scripting, and information leakage vulnerabilities.

tags | advisory, web, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-14302, CVE-2020-28052, CVE-2020-35510, CVE-2020-7676, CVE-2020-8908, CVE-2021-20220, CVE-2021-20250
SHA-256 | a29ebb86ed3f629b8d17d5f63140e16c1e3254c288e5ab8c7b3344fd2d510611
Red Hat Security Advisory 2021-0873-01
Posted Mar 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0873-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and information leakage vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2020-10687, CVE-2020-28052, CVE-2020-35510, CVE-2020-8908, CVE-2021-20220, CVE-2021-20250
SHA-256 | 03dd741a96224d10d5592ded07625ec54a522bcee99d14d2435f5f27fe7e45cc
Red Hat Security Advisory 2021-0872-01
Posted Mar 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0872-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and information leakage vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2020-10687, CVE-2020-28052, CVE-2020-35510, CVE-2020-8908, CVE-2021-20220, CVE-2021-20250
SHA-256 | 092c2a41d2ff22c35f89bfa7f90744bf559cc3a1e3087742fb8107a9906c0fff
Red Hat Security Advisory 2021-0874-01
Posted Mar 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0874-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and information leakage vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2020-10687, CVE-2020-28052, CVE-2020-35510, CVE-2020-8908, CVE-2021-20220, CVE-2021-20250
SHA-256 | 7057f1aa47b78a2be4ceae5d05985366a1ffbdc077ba39f988cbf10582eb6a40
Red Hat Security Advisory 2021-0885-01
Posted Mar 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0885-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and information leakage vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2020-10687, CVE-2020-28052, CVE-2020-35510, CVE-2020-8908, CVE-2021-20220, CVE-2021-20250
SHA-256 | fa8005447bcf4f68bf4adcf5cf81b2249271d8d87d161e0ec0e9495ea67aadc8
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close