Software Collections@1.0 Security Vulnerabilities and Issues — Software Collections@1.0 CVE List

Lucene search

RedhatSoftware Collections1.0

4 matches found

CVE•added 2020/08/07 4:15 p.m.•3106 views

CVE-2020-9490

Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability for...

7.5CVSS8.3AI score0.76163EPSS

CVE•added 2020/02/07 3:15 p.m.•457 views

CVE-2019-15605

HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed

9.8CVSS9.5AI score0.32252EPSS

CVE•added 2020/02/07 3:15 p.m.•253 views

CVE-2019-15604

Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate

7.5CVSS8.2AI score0.04722EPSS

CVE•added 2020/01/23 10:15 p.m.•185 views

CVE-2019-17570

An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC (aka ws-xmlrpc) library. A malicious XML-RPC server could target a XML-RPC client causing it to execute arbitrary code. Apache XML-RPC is no longer maintained and this issu...

9.8CVSS9.5AI score0.64972EPSS