Lucene search
K

6 matches found

vulnersOsv
vulnersOsv
added 2022/05/13 1:12 a.m.5 views

au.com.dius.pact:au.com.dius.pact.gradle.plugin (>=2.1.1 <=2.1.12), au.com.dius:pact-jvm-consumer-groovy-v3_2.10 (>=2.2.11 <=2.2.15) +1354 more potentially affected by CVE-2013-7397 via com.ning:async-http-client (>=1.0.0 <=1.9.0-BETA6)

com.ning:async-http-client MAVEN version =1.0.0, =2.1.1, =2.2.11, =2.2.11, =2.0.0, =2.0.0, =2.0-RC3, =2.0.0, =2.0.0, =2.0.4, =2.0-RC3, =2.0.0, =1.11, =2.0.0, =2.0.5, =2.0.5, =3.2.1 and more Source cves: CVE-2013-7397 Source advisory: OSV:GHSA-8H53-FJGG-G42G...

4.3CVSS7.1AI score0.00993EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.32 views

Mageia: Security Advisory (MGASA-2015-0212)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.7AI score0.00993EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/08/05 4:20 p.m.34 views

Important: Red Hat Security Advisory: Red Hat JBoss Fuse Service Works 6.0.0 security update

Red Hat JBoss Fuse Service Works 6.0.0 roll up patch 5, which fixes two security issues and various bugs, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores,...

4.3CVSS7AI score0.00993EPSS
Exploits0References4
OSV
OSV
added 2015/06/24 4:59 p.m.9 views

CVE-2013-7397

Async Http Client aka AHC or async-http-client before 1.9.0 skips X.509 certificate verification unless both a keyStore location and a trustStore location are explicitly set, which allows man-in-the-middle attackers to spoof HTTPS servers by presenting an arbitrary certificate during use of a...

6.3AI score
Exploits0References10
CVE
CVE
added 2015/06/24 4:0 p.m.102 views

CVE-2013-7397

Async Http Client (AHC) prior to 1.9.0 fails to verify X.509 certificates unless both a keystore and a truststore are explicitly configured, enabling MITM via spoofed certificates in typical configurations. Affected component is the AHC Java library; exploitation would involve HTTPS usage with mi...

4.3CVSS9AI score0.00993EPSS
Exploits0References10Affected Software1
OpenVAS
OpenVAS
added 2015/05/09 12:0 a.m.29 views

Fedora Update for async-http-client FEDORA-2015-6891

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.5AI score
Exploits0References2
Rows per page
Query Builder