
9 matches found

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2020-0289

Malware in sbrugna...

CVSS 7.5, AI score 7.5, EPSS 0.02203
Exploits 0, References 5

RedHat Linux
added 2021/08/11 6:21 p.m., 2 views

olingo-odata: Server side request forgery in AsyncResponseWrapperImpl

Apache Olingo versions 4.0.0 to 4.7.0 provide the AsyncRequestWrapperImpl class which reads a URL from the Location header, and then sends a GET or DELETE request to this URL. It may allow to implement a SSRF attack. If an attacker tricks a client to connect to a malicious server, the server can...

CVSS 7.5, AI score 5.8, EPSS 0.01178
Exploits 0, References 4

OSV
added 2020/02/04 10:37 p.m., 24 views

GHSA-477X-W7M6-C6PH Improper input validation in Apache Olingo

The AsyncResponseWrapperImpl class in Apache Olingo versions 4.0.0 to 4.6.0 reads the Retry-After header and passes it to the Thread.sleep method without any check. If a malicious server returns a huge value in the header, then it can help to implement a DoS attack...

CVSS 7.5, AI score 7.4, EPSS 0.02203
Exploits 0, References 4

Github Security Blog
added 2020/02/04 10:37 p.m., 68 views

Improper input validation in Apache Olingo

The AsyncResponseWrapperImpl class in Apache Olingo versions 4.0.0 to 4.6.0 reads the Retry-After header and passes it to the Thread.sleep method without any check. If a malicious server returns a huge value in the header, then it can help to implement a DoS attack...

CVSS 7.5, AI score 3.4, EPSS 0.02203
Exploits 0, References 5, Affected Software 1

OSV
added 2019/12/04 6:15 p.m., 11 views

CVE-2019-17555

The AsyncResponseWrapperImpl class in Apache Olingo versions 4.0.0 to 4.6.0 reads the Retry-After header and passes it to the Thread.sleep method without any check. If a malicious server returns a huge value in the header, then it can help to implement a DoS attack...

CVSS 7.5, AI score 6.8
Exploits 0, References 1

NVD
added 2019/12/04 6:15 p.m., 10 views

CVE-2019-17555

The AsyncResponseWrapperImpl class in Apache Olingo versions 4.0.0 to 4.6.0 reads the Retry-After header and passes it to the Thread.sleep method without any check. If a malicious server returns a huge value in the header, then it can help to implement a DoS attack...

CVSS 7.5, AI score 7.5, EPSS 0.02203
Exploits 0, References 1

Prion
added 2019/12/04 6:15 p.m., 10 views

Design/Logic Flaw

The AsyncResponseWrapperImpl class in Apache Olingo versions 4.0.0 to 4.6.0 reads the Retry-After header and passes it to the Thread.sleep method without any check. If a malicious server returns a huge value in the header, then it can help to implement a DoS attack...

CVSS 5, AI score 7.4, EPSS 0.02203
Exploits 0, References 1, Affected Software 1

Cvelist
added 2019/12/04 5:6 p.m., 15 views

CVE-2019-17555

The AsyncResponseWrapperImpl class in Apache Olingo versions 4.0.0 to 4.6.0 reads the Retry-After header and passes it to the Thread.sleep method without any check. If a malicious server returns a huge value in the header, then it can help to implement a DoS attack...

AI score 7.4, EPSS 0.02203
Exploits 0, References 1

CVE
added 2019/12/04 5:6 p.m., 71 views

CVE-2019-17555

CVE-2019-17555 affects Apache Olingo 4.0.0–4.6.0. The AsyncResponseWrapperImpl reads the Retry-After header and passes it directly to Thread.sleep() without validation. A malicious server could supply a huge value, enabling a denial-of-service (DoS) via blocking sleep duration. Public records (RH...

CVSS 7.5, AI score 7.4, EPSS 0.02203
Exploits 0, References 1, Affected Software 1