Lucene search
K

75 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : maven:3.6 (AXSA:2022-3587:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3587:01 advisory. apache-httpclient: incorrect handling of malformed authority component in request URIs CVE-2020-13956 Tenable has extracted the preceding description block...

5.3CVSS6.7AI score0.08665EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : maven:3.5 (AXSA:2022-3572:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3572:01 advisory. apache-httpclient: incorrect handling of malformed authority component in request URIs CVE-2020-13956 Tenable has extracted the preceding description block...

5.3CVSS6.7AI score0.08665EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2020-13956

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.UR...

5.3CVSS6.6AI score0.08665EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/12/19 10:55 a.m.26 views

Security Bulletin: Due to the use of Apache HttpClient, IBM EntireX is vulnerable to security restrictions being bypassed (CVE-2020-13956).

Summary Due to the use of Apache HttpClient, IBM EntireX is vulnerable to security restrictions being bypassed CVE-2020-13956. Apache HttpClient has been removed from IBM EntireX in order to address the vulnerability. Vulnerability Details CVEID:CVE-2020-13956 DESCRIPTION: Apache HttpClient could...

5.3CVSS6.8AI score0.08665EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2024/11/21 12:0 a.m.9 views

openSUSE Security Advisory (SUSE-SU-2024:4036-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS7.1AI score0.08665EPSS
Exploits1References4
SUSE Linux
SUSE Linux
added 2024/11/18 3:24 p.m.16 views

Security update for httpcomponents-client, httpcomponents-core

This update for httpcomponents-client, httpcomponents-core fixes the following issues: httpcomponents-client: - Update to version 4.5.14 HTTPCLIENT-2206: Corrected resource de-allocation by fluent response objects. HTTPCLIENT-2174: URIBuilder to return a new empty list instead of unmodifiable...

5.4CVSS7.3AI score0.08665EPSS
Exploits1References4
OPENSUSE Linux
OPENSUSE Linux
added 2024/11/09 12:0 a.m.6 views

httpcomponents-client-4.5.14-1.1 on GA media (moderate)

httpcomponents-client-4.5.14-1.1 on GA media Announcement ID: openSUSE-SU-2024:14478-1 Rating: moderate Cross-References: CVE-2020-13956 CVSS scores: CVE-2020-13956 SUSE : 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N Affected Products: openSUSE Tumbleweed An update that solves one vulnerabili...

5.4CVSS8.7AI score0.08665EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/22 10:51 a.m.48 views

Security Bulletin: Multiple Vulnerabilities in IBM Application Performance Management

Summary Multiple vulnerabilities were addressed in IBM Application Performance Management 8.1.4.0 IF16 patch Vulnerability Details CVEID:CVE-2023-32342 DESCRIPTION: IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption...

7.5CVSS10AI score0.09149EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/07/22 12:0 a.m.22 views

Oracle Access Manager (Jul 2024 CPU)

The 12.2.1.4.0 versions of Access Manager installed on the remote host are affected by a vulnerability as referenced in the July 2024 CPU advisory. - Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware component: Third Party Apache HttpClient. The supported version that...

5.3CVSS6.6AI score0.08665EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/12 9:47 a.m.35 views

Security Bulletin: IBM QRadar SIEM protocols are vulnerable to Security Restriction Bypass ( CVE-2020-13956)

Summary Apache HttpClient is vulnerable to Security Restriction Bypass. Attackers can potentially break security and potentially steal sensitive information. This has been addressed with an update. Vulnerability Details CVEID:CVE-2020-13956 DESCRIPTION: Apache HttpClient could allow a remote...

5.3CVSS6.5AI score0.08665EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/19 7:11 a.m.41 views

Security Bulletin: Security fixes available for The IBM® Engineering System Design Rhapsody products on IBM Jazz Technology

Summary The IBM® Engineering System Design Rhapsody 9.0.1 iFix006 and The IBM® Engineering System Design Rhapsody 9.0.2 iFix002 contains fixes which was identified as a vulnerability during OSS scan. These version contain upgraded version of guava-28.0-jre.jar CVE-2020-8908, httpclient-4.0.jar...

9.8CVSS9.1AI score0.7848EPSS
Exploits10Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/17 6:45 a.m.38 views

Security Bulletin: IBM Observability with Instana using third-party Kubernetes Operators is affected by Multiple Security Vulnerabilities

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana using third-party Kubernetes Operators build 269. Vulnerability Details CVEID:CVE-2024-20918 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause...

7.5CVSS9.2AI score0.08665EPSS
Exploits4Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.24 views

Rocky Linux 8 : maven:3.5 (RLSA-2022:1861)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:1861 advisory. - Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.U...

5.3CVSS6.7AI score0.08665EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/24 7:1 p.m.93 views

Security Bulletin: IBM QRadar SIEM includes components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-34981 DESCRIPTION: Apache Tomcat could allow a remote attacker to obtain...

9.8CVSS9.9AI score0.76768EPSS
Exploits20Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/16 1:48 p.m.34 views

Security Bulletin: Multiple Vulnerabilities of Apache HttpClient have affected IBM Jazz Reporting Service

Summary IBM Jazz Reporting Service is vulnerable to Apache HttpClient vulnerabilities described in220912, CVE-2020-13956. The fix includes httpclient-4.5.jar upgraded to httpclient-4.5.13.jar Vulnerability Details CVEID:CVE-2020-13956 DESCRIPTION: Apache HttpClient could allow a remote attacker t...

5.3CVSS6.2AI score0.08665EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/10/16 12:0 a.m.33 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : HttpClient vulnerability (USN-5239-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5239-1 advisory. It was discovered that HttpClient mishandled certain input. An attacker could use this vulnerability to cause a crash or possibly execute...

5.3CVSS7.2AI score0.08665EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/04 12:58 p.m.52 views

Security Bulletin: Vulnerabilities in Apache HttpComponents affect IBM Storage Protect Client, IBM Storage Protect for Virtual Environments, and IBM Storage Protect for Space Management (CVE-2012-6153, CVE-2014-3577, CVE-2020-13956)

Summary IBM Storage Protect Backup-Archive Client, IBM Storage Protect for Virtual Environments Data Protection for VMware only, and IBM Storage Protect for Space Management can be affected by a vulnerability in Apache HttpComponents. The vulnerability can lead to spoofing attacks, bypass of...

5.8CVSS5.7AI score0.09149EPSS
Exploits2Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/04 10:31 a.m.55 views

Security Bulletin: Multiple Vulnerabilities of Apache HttpClient have affected IBM Jazz Reporting Service

Summary IBM Jazz Reporting Service is vulnerable to Apache HttpClient vulnerabilities described in220912, CVE-2020-13956. The fix includes httpclient-4.5.jar upgraded to httpclient-4.5.13.jar Vulnerability Details CVEID:CVE-2020-13956 DESCRIPTION: Apache HttpClient could allow a remote attacker t...

5.3CVSS6.2AI score0.08665EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/28 7:50 p.m.34 views

Security Bulletin:IBM TRIRIGA Application Platform discloses Apache HttpClient vulnerability (CVE-2020-13956)

Summary Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed authority component in request URIs Vulnerability Details CVEID:CVE-2020-13956 DESCRIPTION: Apache HttpClient could allow a remote attacker to bypass security...

5.3CVSS5.8AI score0.08665EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/21 12:27 p.m.32 views

Security Bulletin: IBM Sterling Global Mailbox is vulnerable to security bypass due to Apache HttpClient (CVE-2020-13956)

Summary Vulnerability in Apache HttpClient library shipped with IBM Sterling Global Mailbox has been addressed. Vulnerability Details CVEID:CVE-2020-13956 DESCRIPTION: Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed...

5.3CVSS5.7AI score0.08665EPSS
Exploits1Affected Software1
Rows per page
Query Builder