Lucene search

CVE-2020-13956

🗓️ 02 Dec 2020 17:14:15Reported by apacheType

cve🔗 web.nvd.nist.gov📰️ 9 Media mentions👁 715 Views

CVE-2020-13956 Apache HttpClient misinterpret malformed URI

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 185
Debian	[SECURITY] [DSA 4772-1] httpcomponents-client security update	14 Oct 202020:21	–	debian
Debian	[SECURITY] [DLA 2405-1] httpcomponents-client security update	10 Oct 202017:12	–	debian
IBM Security Bulletins	Security Bulletin:Security Bulletin: IBM Content Navigator is affected by a vulnerability in Apache HttpClient ( CVE-2020-13956)	9 Nov 202019:26	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache HttpClient	27 Feb 202103:39	–	ibm
IBM Security Bulletins	Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Apache httpclient	21 Jun 202123:05	–	ibm
IBM Security Bulletins	Security Bulletin: Potential Vulnerability in Apache HttpClient used by Logstash shipped with IBM Operations Analytics - Log Analysis (CVE-2020-13956)	21 Nov 202209:45	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities of Apache HttpClient have affected IBM Jazz Reporting Service	16 Oct 202313:48	–	ibm
IBM Security Bulletins	Security Bulletin:IBM TRIRIGA Application Platform discloses Apache HttpClient vulnerability (CVE-2020-13956)	28 Jul 202319:50	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM protocols are vulnerable to Security Restriction Bypass ( CVE-2020-13956)	12 Jul 202409:47	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Stering B2B Integrator is vulnerable to security bypass due to Apache HttpClient (CVE-2020-13956)	3 Jan 202316:00	–	ibm

Nvd

Vulners

Node

apache httpclientRange<4.5.13

apache httpclientRange5.0.0–5.0.3

Node

quarkus quarkusRange<1.7.6

Node

oracle data_integratorMatch12.2.1.3.0

oracle data_integratorMatch12.2.1.4.0

oracle jd_edwards_enterpriseone_orchestratorRange<9.2.6.0

oracle jd_edwards_enterpriseone_toolsRange<9.2.6.0

oracle nosql_databaseRange<20.3

oracle peoplesoft_enterprise_peopletoolsMatch8.57

oracle peoplesoft_enterprise_peopletoolsMatch8.58

oracle peoplesoft_enterprise_pt_peopletoolsMatch8.57

oracle peoplesoft_enterprise_pt_peopletoolsMatch8.58

oracle peoplesoft_enterprise_pt_peopletoolsMatch8.59

oracle primavera_unifierRange17.7–17.12

oracle primavera_unifierMatch16.1

oracle primavera_unifierMatch16.2

oracle primavera_unifierMatch18.8

oracle primavera_unifierMatch19.12

oracle primavera_unifierMatch20.12

oracle retail_customer_management_and_segmentation_foundationRange16.0–19.0

oracle spatial_studioRange<20.1.1

oracle sql_developerRange<20.4.1.407.0006

Node

netapp active_iq_unified_managerMatch-linux

netapp active_iq_unified_managerMatch-vmware_vsphere

netapp active_iq_unified_managerMatch-windows

netapp snapcenterMatch-

Node

oracle commerce_guided_searchMatch11.3.2

oracle communications_cloud_native_core_service_communication_proxyMatch1.14.0

oracle sql_developerRange<21.99

oracle weblogic_serverMatch12.2.1.4.0

oracle weblogic_serverMatch14.1.1.0.0

[
  {
    "product": "Apache HttpClient",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "4.5.12 and prior, 5.0.2 and prior"
      }
    ]
  }
]

Source	Link
lists	www.lists.apache.org/thread.html/r3cecd59fba74404cbf4eb430135e1080897fb376f111406a78bed13a%40%3Cissues.lucene.apache.org%3E
lists	www.lists.apache.org/thread.html/r043a75acdeb52b15dd5e9524cdadef4202e6a5228644206acf9363f9%40%3Cdev.hive.apache.org%3E
lists	www.lists.apache.org/thread.html/r87ddc09295c27f25471269ad0a79433a91224045988b88f0413a97ec%40%3Cissues.bookkeeper.apache.org%3E
lists	www.lists.apache.org/thread.html/r0a75b8f0f72f3e18442dc56d33f3827b905f2fe5b7ba48997436f5d1%40%3Cissues.solr.apache.org%3E
lists	www.lists.apache.org/thread.html/rea3dbf633dde5008d38bf6600a3738b9216e733e03f9ff7becf79625%40%3Cissues.drill.apache.org%3E
lists	www.lists.apache.org/thread.html/r9e52a6c72c8365000ecd035e48cc9fee5a677a150350d4420c46443d%40%3Cdev.drill.apache.org%3E
lists	www.lists.apache.org/thread.html/r69a94e2f302d1b778bdfefe90fcb4b8c50b226438c3c8c1d0de85a19%40%3Cdev.ranger.apache.org%3E
lists	www.lists.apache.org/thread.html/reef569c2419705754a3acf42b5f19b2a158153cef0e448158bc54917%40%3Cdev.drill.apache.org%3E
lists	www.lists.apache.org/thread.html/rd5ab56beb2ac6879f6ab427bc4e5f7691aed8362d17b713f61779858%40%3Cissues.hive.apache.org%3E
lists	www.lists.apache.org/thread.html/r2835543ef0f91adcc47da72389b816e36936f584c7be584d2314fac3%40%3Cissues.lucene.apache.org%3E

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

02 Dec 2020 17:15Current

5.9Medium risk

Vulners AI Score5.9

CVSS25

CVSS35.3

EPSS0.00505