CVE-2020-13956 (httpclient)

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.

View Full Alert

Related Posts

  • CVE-2020-10936

    Sympa before 6.2.56 allows privilege escalation. View Full Alert

  • CVE-2020-10945

    Centreon before 19.10.7 exposes Session IDs in server responses. View Full Alert

  • CVE-2020-13168

    SysAid 20.1.11b26 allows reflected XSS via the ForgotPassword.jsp accountid parameter. View Full Alert