Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.14 views

EUVD-2021-0835

Malware in sbrugna...

5.9CVSS6.4AI score0.02141EPSS
Exploits0References5
OSV
OSV
added 2021/04/22 4:14 p.m.28 views

GHSA-HXP5-8PGQ-MGV9 Missing Authentication for Critical Function in Apache Calcite

"HttpUtilsgetURLConnection method disables explicitly hostname verification for HTTPS connections making clients vulnerable to man-in-the-middle attacks. Calcite uses this method internally to connect with Druid and Splunk so information leakage may happen when using the respective Calcite...

5.9CVSS5.7AI score0.02141EPSS
Exploits0References4
NVD
NVD
added 2020/10/09 1:15 p.m.23 views

CVE-2020-13955

HttpUtilsgetURLConnection method disables explicitly hostname verification for HTTPS connections making clients vulnerable to man-in-the-middle attacks. Calcite uses internally this method to connect with Druid and Splunk so information leakage may happen when using the respective Calcite adapter...

5.9CVSS0.02141EPSS
Exploits0References1
Prion
Prion
added 2020/10/09 1:15 p.m.25 views

Design/Logic Flaw

HttpUtilsgetURLConnection method disables explicitly hostname verification for HTTPS connections making clients vulnerable to man-in-the-middle attacks. Calcite uses internally this method to connect with Druid and Splunk so information leakage may happen when using the respective Calcite adapter...

4.3CVSS6.2AI score0.02141EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/10/09 12:33 p.m.111 views

CVE-2020-13955

CVE-2020-13955 affects Apache Calcite: HttpUtils#getURLConnection disables hostname verification for HTTPS, enabling potential MITM attacks and information leakage when Calcite adapters connect to Druid or Splunk. The issue originates from a utility method that can be used to create vulnerable HT...

5.9CVSS5.3AI score0.02141EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder