ghsa-v4qh-6367-4cx2
Vulnerability from github
Published
2020-02-04 22:38
Modified
2021-08-19 16:54
Severity ?
Summary
Server-Side Request Forgery (SSRF) in Apache Olingo
Details
Apache Olingo versions 4.0.0 to 4.7.0 provide the AsyncRequestWrapperImpl class which reads a URL from the Location header, and then sends a GET or DELETE request to this URL. It may allow to implement a SSRF attack. If an attacker tricks a client to connect to a malicious server, the server can make the client call any URL including internal resources which are not directly accessible by the attacker.
{ "affected": [ { "database_specific": { "last_known_affected_version_range": "\u003c= 4.7.0" }, "package": { "ecosystem": "Maven", "name": "org.apache.olingo:odata-client-core" }, "ranges": [ { "events": [ { "introduced": "4.0.0" }, { "fixed": "4.7.1" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2020-1925" ], "database_specific": { "cwe_ids": [ "CWE-918" ], "github_reviewed": true, "github_reviewed_at": "2020-02-04T22:35:18Z", "nvd_published_at": null, "severity": "HIGH" }, "details": "Apache Olingo versions 4.0.0 to 4.7.0 provide the AsyncRequestWrapperImpl class which reads a URL from the Location header, and then sends a GET or DELETE request to this URL. It may allow to implement a SSRF attack. If an attacker tricks a client to connect to a malicious server, the server can make the client call any URL including internal resources which are not directly accessible by the attacker.", "id": "GHSA-v4qh-6367-4cx2", "modified": "2021-08-19T16:54:36Z", "published": "2020-02-04T22:38:38Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1925" }, { "type": "WEB", "url": "https://mail-archives.apache.org/mod_mbox/olingo-user/202001.mbox/%3CCAGSZ4d6HwpF2woOrZJg_d0SkHytXJaCtAWXa3ZtBn33WG0YFvw%40mail.gmail.com%3E" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "type": "CVSS_V3" } ], "summary": "Server-Side Request Forgery (SSRF) in Apache Olingo" }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.