4 matches found
RHEL 7 : httpclient (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - apache-httpclient: incorrect handling of malformed authority component in request URIs CVE-2020-13956 Note that...
MGASA-2021-0314 Updated httpcomponents-client packages fix a security vulnerability
Priyank Nigam discovered that HttpComponents Client could misinterpret malformed authority component in a request URI and pick the wrong target host for request execution CVE-2020-13956...
Security Bulletin: Vulnerabilities in Apache HttpClient and Eclipse Jetty Affect IBM Control Center (CVE-2020-13956, CVE-2020-27218)
Summary Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed authority component in request. Eclipse Jetty could allow a remote attacker to bypass security restrictions, caused by a flaw when GZIP request body inflation is...
Low: Red Hat Security Advisory: Red Hat Integration Tech-Preview 3 Camel K security update
An update to the Camel K operator image for Red Hat Integration tech-preview is now available. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Low. A Common...