CVE-2020-13956 - Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority co

CVE-2020-13956

Summary

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.

References

Vulnerable Configurations

cpe:2.3:a:apache:httpclient:5.0.0:-:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:5.0.0:-:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:5.0.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:5.0.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:5.0.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:5.0.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:5.0.0:alpha3:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:5.0.0:alpha3:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:5.0.0:beta1:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:5.0.0:beta1:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:5.0.0:beta2:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:5.0.0:beta2:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:5.0.0:beta3:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:5.0.0:beta3:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:5.0.0:beta4:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:5.0.0:beta4:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:5.0.0:beta5:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:5.0.0:beta5:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:5.0.0:beta6:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:5.0.0:beta6:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:5.0.0:beta7:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:5.0.0:beta7:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:3.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:3.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.0:alpha3:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.0:alpha3:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.0:alpha4:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.0:alpha4:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.0:beta1:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.0:beta1:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.0:beta2:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.0:beta2:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.1:alpha1:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.1:alpha1:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.1:alpha2:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.1:alpha2:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.1:beta1:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.1:beta1:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.1.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.1.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.2:alpha1:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.2:alpha1:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.2:beta1:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.2:beta1:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.2.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.2.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.2.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.2.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.3:alpha1:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.3:alpha1:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.3:beta1:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.3:beta1:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.3:beta2:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.3:beta2:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.3.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.3.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.3.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.3.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.3.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.3.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.3.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.3.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.3.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.3.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.4.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.4.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.5.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.5.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.5.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.5.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.5.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.5.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.5.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.5.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.5.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.5.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.5.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.5.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.5.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.5.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.5.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.5.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.5.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.5.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.5.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.5.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.5.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.5.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.5.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:httpclient:4.5.12:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.1.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.1.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.2.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.2.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.3.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.3.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.5.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.5.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.8.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.8.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.10.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.10.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.11.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.11.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.12.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.12.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.13.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.13.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.13.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.13.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.13.2:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.13.2:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.13.3:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.13.3:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.14.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.14.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.15.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.15.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.16.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.16.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.16.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.16.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.17.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.17.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.18.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.18.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.19.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.19.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.19.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.19.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.20.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.20.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.21.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.21.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.21.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.21.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.21.2:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.21.2:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.22.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.22.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.23.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.23.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.23.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.23.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.23.2:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.23.2:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.24.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.24.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.25.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.25.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.26.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.26.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.26.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.26.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.27.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.27.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.28.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.28.0:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.28.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:0.28.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.0.0:-:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.0.0:-:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.0.0:candidate_release1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.0.0:candidate_release1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.0.0:candidate_release2:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.0.0:candidate_release2:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.0.0:cr1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.0.0:cr1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.0.0:cr2:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.0.0:cr2:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.1.0:-:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.1.0:-:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.1.0:candidate_release1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.1.0:candidate_release1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.1.0:cr1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.1.0:cr1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.2.0:-:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.2.0:-:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.2.0:candidate_release1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.2.0:candidate_release1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.2.0:cr1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.2.0:cr1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.3.0:-:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.3.0:-:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.3.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.3.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.3.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.3.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.3.0:candidate_release1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.3.0:candidate_release1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.3.0:candidate_release2:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.3.0:candidate_release2:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.3.0:cr1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.3.0:cr1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.3.0:cr2:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.3.0:cr2:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.3.4:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.3.4:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.4.0:-:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.4.0:-:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.4.0:candidate_release1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.4.0:candidate_release1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.4.0:cr1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.4.0:cr1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.5.0:-:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.5.0:-:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.5.0:candidate_release1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.5.0:candidate_release1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.5.0:cr1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.5.0:cr1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.6.0:-:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.6.0:-:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.6.0:candidate_release1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.6.0:candidate_release1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.6.0:cr1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.6.0:cr1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.7.0:-:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.7.0:-:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.7.0:candidate_release1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.7.0:candidate_release1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.7.0:candidate_release2:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.7.0:candidate_release2:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.7.0:cr1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.7.0:cr1:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.7.0:cr2:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.7.0:cr2:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.7.3:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.7.3:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.7.4:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.7.4:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.7.5:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:1.7.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:data_integrator:12.2.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:data_integrator:12.2.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:17.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:17.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:17.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:17.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:17.9:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:17.9:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:17.10:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:17.10:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:17.11:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:17.11:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:17.12:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:17.12:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*
cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2.5.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2.5.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:4.0.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:4.0.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.1.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.1.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2.5.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2.5.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:nosql_database:19.3.12:*:*:*:*:*:*:*
cpe:2.3:a:oracle:nosql_database:19.3.12:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_pt_peopletools:8.57:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_pt_peopletools:8.57:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_pt_peopletools:8.58:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_pt_peopletools:8.58:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_pt_peopletools:8.59:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_pt_peopletools:8.59:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:16.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:16.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:16.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:16.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:16.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:16.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:17.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:17.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:17.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:17.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:18.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:18.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:spatial_studio:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:spatial_studio:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:spatial_studio:19.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:spatial_studio:19.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:sql_developer:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:sql_developer:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:sql_developer:11.2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:sql_developer:11.2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:sql_developer:12.1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:sql_developer:12.1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:sql_developer:12.2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:sql_developer:12.2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:sql_developer:18c:*:*:*:*:*:*:*
cpe:2.3:a:oracle:sql_developer:18c:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*
cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.14.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.14.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:sql_developer:20.4.1.407.0006:*:*:*:*:*:*:*
cpe:2.3:a:oracle:sql_developer:20.4.1.407.0006:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 12-05-2022 - 14:47)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	PARTIAL	NONE

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:P/A:N

refmap via4

misc

https://lists.apache.org/thread.html/r6dab7da30f8bf075f79ee189e33b45a197502e2676481bb8787fc0d7%40%3Cdev.hc.apache.org%3E

mlist

[lucene-solr-user] 20201229 Upgrade httpclient version due to CVE-2020-13956?
[pulsar-commits] 20201215 [GitHub] [pulsar] yanshuchong opened a new issue #8967: CVSS issue list
[ranger-dev] 20201204 [jira] [Assigned] (RANGER-3100) Upgrade httpclient version from 4.5.6 to 4.5.13+ due to CVE-2020-13956
[ranger-dev] 20201204 [jira] [Updated] (RANGER-3100) Upgrade httpclient version from 4.5.6 to 4.5.13+ due to CVE-2020-13956
[ranger-dev] 20201215 [jira] [Commented] (RANGER-3100) Upgrade httpclient version from 4.5.6 to 4.5.13+ due to CVE-2020-13956
[ranger-dev] 20201215 [jira] [Updated] (RANGER-3100) Upgrade httpclient version from 4.5.6 to 4.5.13+ due to CVE-2020-13956
[ranger-dev] 20201216 [jira] [Commented] (RANGER-3100) Upgrade httpclient version from 4.5.6 to 4.5.13+ due to CVE-2020-13956

Last major update

12-05-2022 - 14:47

Published

02-12-2020 - 17:15

Last modified

12-05-2022 - 14:47