Security Bulletin: Vulnerabilities in Apache HttpClient and Eclipse Jetty Affect IBM Control Center (CVE-2020-13956, CVE-2020-27218)
Summary Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed authority component in request. Eclipse Jetty could allow a remote attacker to bypass security restrictions, caused by a flaw when GZIP request body inflation is...
Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Apache httpclient
Summary A vulnerability in Apache httpclient used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID: 177517 Description: Apache HttpComponents HttpClient could allow a remote attacker to traverse directories on the system, caused by the failure to verify the presence...
Security Bulletin: Security vulnerabilities affect multiple IBM Rational products based on IBM Jazz technology
Summary Multiple security vulnerabilities affect components used by the following products that may affect those products: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team Concert RTC, Rational Quality Manager...
Moderate: Red Hat Security Advisory: Red Hat Process Automation Manager 7.10.1 security update
An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
Security Bulletin: IBM Tivoli Netcool Impact is affected by an Apache HttpClient vulnerability (CVE-2020-13956)
Summary IBM Tivoli Netcool Impact has addressed the following Apache HttpClient vulnerability. Vulnerability Details CVEID: CVE-2020-13956 DESCRIPTION: Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed authority component...
apache-httpclient: incorrect handling of malformed authority component in request URIs
Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution...
Low: Red Hat Security Advisory: Red Hat Integration Tech-Preview 3 Camel K security update
An update to the Camel K operator image for Red Hat Integration tech-preview is now available. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Low. A Common...
Security Bulletin: Multiple security vulnerabilities with IBM Content Navigator component in IBM Business Automation Workflow - CVE-2020-4687, CVE-2020-4760, CVE-2020-4704
Summary The embedded IBM Content Navigator that is shipped with IBM Business Automation Workflow is vulnerable to several security vulnerabilities. Vulnerability Details CVEID: CVE-2020-13956 DESCRIPTION: Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by...
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache HttpClient
Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Apache HttpClient. Vulnerability Details CVEID: CVE-2020-13956 DESCRIPTION: Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed...
apache-httpclient: incorrect handling of malformed authority component in request URIs
Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution...
Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.4.5 security update
A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
apache-httpclient: incorrect handling of malformed authority component in request URIs
Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.5 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
apache-httpclient: incorrect handling of malformed authority component in request URIs
Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution...
RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.3.5 (RHSA-2021:0248)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0248 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.3.5 (RHSA-2021:0247)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0247 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
Security Bulletin: A vulnerability has been identified in Apache HttpClient shipped with IBM Spectrum Scale Transparent Cloud Tiering (CVE-2020-13956)
Summary Apache HttpClient is a component shipped with IBM Spectrum Scale Transparent Cloud Tiering. Information about security vulnerabilities affecting Apache HttpClient has been published. CVE-2020-13956 Vulnerability Details CVEID: CVE-2020-13956 DESCRIPTION: Apache HttpClient could allow a...
Security Bulletin: A vulnerability has been identified in Apache HttpClient shipped with Netcool/OMNIbus Integrations Java Gateway Framework (CVE-2020-13956)
Summary Apache HttpClient is a component shipped with IBM Tivoli Netcool/OMNIbus Integrations Java Gateway Framework. Information about security vulnerabilities affecting Apache HttpClient has been published. CVE-2020-13956 Vulnerability Details CVEID: CVE-2020-13956 DESCRIPTION: Apache HttpClien...