
6 matches found

RedhatCVE
added 2020/01/13 6:9 a.m., 22 views

CVE-2020-1925

Apache Olingo versions 4.0.0 to 4.7.0 provide the AsyncRequestWrapperImpl class which reads a URL from the Location header, and then sends a GET or DELETE request to this URL. It may allow to implement a SSRF attack. If an attacker tricks a client to connect to a malicious server, the server can...

7.5 CVSS | 3.8 AI score | 0.0283 EPSS
Exploits: 0 | References: 3
OSV
added 2020/01/09 7:15 p.m., 13 views

CVE-2020-1925

Apache Olingo versions 4.0.0 to 4.7.0 provide the AsyncRequestWrapperImpl class which reads a URL from the Location header, and then sends a GET or DELETE request to this URL. It may allow to implement a SSRF attack. If an attacker tricks a client to connect to a malicious server, the server can...

7.5 CVSS | 6.7 AI score
Exploits: 0 | References: 1
NVD
added 2020/01/09 7:15 p.m., 16 views

CVE-2020-1925

Apache Olingo versions 4.0.0 to 4.7.0 provide the AsyncRequestWrapperImpl class which reads a URL from the Location header, and then sends a GET or DELETE request to this URL. It may allow to implement a SSRF attack. If an attacker tricks a client to connect to a malicious server, the server can...

7.5 CVSS | 7.5 AI score | 0.0283 EPSS
Exploits: 0 | References: 1
CVE
added 2020/01/09 6:41 p.m., 138 views

CVE-2020-1925

CVE-2020-1925 - Apache Olingo SSRF issue: Multiple sources describe a vulnerability in Apache Olingo versions 4.0.0–4.7.0 where the AsyncRequestWrapperImpl reads a URL from the Location header and then issues a GET or DELETE request to that URL. This can enable a Server-Side Request Forgery (SSR...

7.5 CVSS | 7.3 AI score | 0.0283 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2020/01/09 6:41 p.m., 15 views

CVE-2020-1925

Apache Olingo versions 4.0.0 to 4.7.0 provide the AsyncRequestWrapperImpl class which reads a URL from the Location header, and then sends a GET or DELETE request to this URL. It may allow to implement a SSRF attack. If an attacker tricks a client to connect to a malicious server, the server can...

7.4 AI score | 0.0283 EPSS
Exploits: 0 | References: 1
Symantec
added 2020/01/08 12:0 a.m., 25 views

Apache Olingo CVE-2020-1925 Server Side Request Forgery Access Bypass Vulnerability

Description: Apache Olingo is prone to an access-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions. This may aid in further attacks. Apache Olingo versions prior to 4.7.1 are vulnerable. Technologies Affected: Apache Oling...

0.9 AI score | 0.0283 EPSS
Exploits: 0 | References: 2 | Affected Software: 1