Lucene search
K

4 matches found

vulnersOsv
vulnersOsv
added 2020/02/04 10:38 p.m.3 views

com.genexus:gxodata (>=2.6.2 <=2.7.30), com.github.axway-api-management-plus.apim-cli:apimcli-apim-adapter (>=1.14.4 <=1.14.13) +44 more potentially affected by CVE-2020-1925 via org.apache.olingo:odata-client-core (>=4.0.0 <=4.7.0)

org.apache.olingo:odata-client-core MAVEN version =4.0.0, =2.6.2, =1.14.4, =1.14.4, =1.14.4, =1.14.4, =1.14.4, =1.14.4, =1.14.4, =1.14.4, =1.14.4, =0.1.14, =1.0.0-RELEASE, =1.0.0-RELEASE, =4.26.0, =5.2.0 and more Source cves: CVE-2020-1925 Source advisory: OSV:G...

7.5CVSS7.1AI score0.0283EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2020/02/04 10:37 p.m.5 views

com.genexus:gxodata (>=2.6.2 <=2.7.30), com.github.axway-api-management-plus.apim-cli:apimcli-apim-adapter (>=1.14.4 <=1.14.13) +44 more potentially affected by CVE-2019-17554 via org.apache.olingo:odata-client-core (>=4.0.0 <=4.6.0)

org.apache.olingo:odata-client-core MAVEN version =4.0.0, =2.6.2, =1.14.4, =1.14.4, =1.14.4, =1.14.4, =1.14.4, =1.14.4, =1.14.4, =1.14.4, =1.14.4, =0.1.14, =1.0.0-RELEASE, =1.0.0-RELEASE, =4.26.0, =5.2.0 and more Source cves: CVE-2019-17554 Source advisory: OSV...

5.5CVSS6AI score0.12245EPSS
Exploits5
vulnersOsv
vulnersOsv
added 2020/02/04 10:37 p.m.4 views

com.genexus:gxodata (>=2.6.2 <=2.7.30), com.github.axway-api-management-plus.apim-cli:apimcli-apim-adapter (>=1.14.4 <=1.14.13) +44 more potentially affected by CVE-2019-17555 via org.apache.olingo:odata-client-core (>=4.0.0 <=4.6.0)

org.apache.olingo:odata-client-core MAVEN version =4.0.0, =2.6.2, =1.14.4, =1.14.4, =1.14.4, =1.14.4, =1.14.4, =1.14.4, =1.14.4, =1.14.4, =1.14.4, =0.1.14, =1.0.0-RELEASE, =1.0.0-RELEASE, =4.26.0, =5.2.0 and more Source cves: CVE-2019-17555 Source advisory: OSV...

7.5CVSS7AI score0.02067EPSS
Exploits0
Veracode
Veracode
added 2020/01/14 2:42 a.m.17 views

Server-Side Request Forgery

odata-client-core is vulnerable to cross-site request forgery CSRF. The AsyncRequestWrapperImpl class reads a URL from the Location header and sends a GET/DELETE request to the URL without verifying the authenticity of the request. This allows a remote attacker to trick a user into visiting a...

7.5CVSS2.9AI score0.0283EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder