CVE-2020-1695

Опубликовано: 19 мая 2020

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 5

CVSS3: 7.5

Описание

A flaw was found in all resteasy 3.x.x versions prior to 3.12.0.Final and all resteasy 4.x.x versions prior to 4.6.0.Final, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed.

Релиз	Статус	Примечание
bionic	DNE
devel	needed
eoan	ignored	end of life
esm-apps/focal	needed
esm-apps/jammy	needed
esm-apps/noble	needed
esm-apps/xenial	needed
esm-infra-legacy/trusty	DNE
focal	ignored	end of standard support, was needed
groovy	ignored	end of life

Показывать по

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	needed
eoan	ignored	end of life
esm-apps/bionic	needed
esm-apps/focal	needed
esm-apps/jammy	needed
esm-apps/noble	needed
esm-infra-legacy/trusty	DNE
focal	ignored	end of standard support, was needed
groovy	ignored	end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 45%

0.00224

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2020-1695

CVSS3: 7.5

redhat

около 5 лет назад

CVE-2020-1695

CVSS3: 7.5

nvd

около 5 лет назад

CVE-2020-1695

CVSS3: 7.5

debian

около 5 лет назад

A flaw was found in all resteasy 3.x.x versions prior to 3.12.0.Final ...

RLSA-2021:1775

rocky

около 4 лет назад

Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update

GHSA-63cq-ppq8-cw6g

CVSS3: 7.5

github

около 3 лет назад

Improper Input Validation in RESTEasy

EPSS

Процентиль: 45%

0.00224

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

CVE-2020-1695

Описание

Пакет resteasy

Пакет resteasy3.0

Ссылки на источники

Связанные уязвимости