Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2022:1861

Опубликовано: 10 мая 2022
Источник: rocky
Оценка: Moderate

Описание

Moderate: maven:3.5 security update

Maven is a software project management and comprehension tool. Based on the concept of a project object model (POM), Maven can manage a project's build, reporting and documentation from a central piece of information.

Security Fix(es):

  • apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
aopalliancenoarch17.module+el8.6.0+843+5a13dac3aopalliance-1.0-17.module+el8.6.0+843+5a13dac3.noarch.rpm
apache-commons-clinoarch4.module+el8.6.0+843+5a13dac3apache-commons-cli-1.4-4.module+el8.6.0+843+5a13dac3.noarch.rpm
apache-commons-codecnoarch3.module+el8.6.0+843+5a13dac3apache-commons-codec-1.11-3.module+el8.6.0+843+5a13dac3.noarch.rpm
apache-commons-ionoarch3.module+el8.6.0+843+5a13dac3apache-commons-io-2.6-3.module+el8.6.0+843+5a13dac3.noarch.rpm
apache-commons-lang3noarch3.module+el8.6.0+843+5a13dac3apache-commons-lang3-3.7-3.module+el8.6.0+843+5a13dac3.noarch.rpm
apache-commons-loggingnoarch13.module+el8.3.0+133+b8b54b58apache-commons-logging-1.2-13.module+el8.3.0+133+b8b54b58.noarch.rpm
atinjectnoarch28.20100611svn86.module+el8.6.0+843+5a13dac3atinject-1-28.20100611svn86.module+el8.6.0+843+5a13dac3.noarch.rpm
cdi-apinoarch8.module+el8.6.0+843+5a13dac3cdi-api-1.2-8.module+el8.6.0+843+5a13dac3.noarch.rpm
geronimo-annotationnoarch23.module+el8.6.0+843+5a13dac3geronimo-annotation-1.0-23.module+el8.6.0+843+5a13dac3.noarch.rpm
glassfish-el-apinoarch0.7.b08.module+el8.6.0+975+c0ed2db8glassfish-el-api-3.0.1-0.7.b08.module+el8.6.0+975+c0ed2db8.noarch.rpm

Показывать по

Связанные CVE

CVE-2020-13956

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2020-13956

CVSS3: 5.3
ubuntu
больше 4 лет назад

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.

redhat логотип

CVE-2020-13956

CVSS3: 5.3
redhat
почти 5 лет назад

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.

nvd логотип

CVE-2020-13956

CVSS3: 5.3
nvd
больше 4 лет назад

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.

debian логотип

CVE-2020-13956

CVSS3: 5.3
debian
больше 4 лет назад

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misin ...

suse-cvrf логотип

SUSE-SU-2024:4036-1

suse-cvrf
9 месяцев назад

Security update for httpcomponents-client, httpcomponents-core