Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
httpclient vulnerabilities and exploits
(subscribe to this query)
6
CVSSv2
CVE-2017-2589
It exists that the hawtio servlet 1.4 uses a single HttpClient instance to proxy requests with a persistent cookie store (cookies are stored locally and are not passed between the client and the end URL) which means all clients using that proxy are sharing the same cookies.
Redhat Jboss Fuse 6.3
Hawt Hawtio 1.4.0
6.8
CVSSv2
CVE-2021-21374
Nimble is a package manager for the Nim programming language. In Nim release versions prior to 1.2.10 and 1.4.4, "nimble refresh" fetches a list of Nimble packages over HTTPS without full verification of the SSL/TLS certificate due to the default setting of httpClient. ...
Nim-lang Nim
4.3
CVSSv2
CVE-2016-7964
The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php in DokuWiki 2016-06-26a and older, when media file fetching is enabled, has no way to restrict access to private networks. This allows users to scan ports of internal networks via SSRF, such as 10.0.0.1/8, 172...
Dokuwiki Dokuwiki 2016-06-26a
NA
CVE-2024-23838
TrueLayer.NET is the .Net client for TrueLayer. The vulnerability could potentially allow a malicious actor to gain control over the destination URL of the HttpClient used in the API classes. For applications using the SDK, requests to unexpected resources on local networks or to...
Truelayer Truelayer.net
4.3
CVSSv2
CVE-2019-9740
An issue exists in urllib2 in Python 2.x up to and including 2.7.16 and urllib in Python 3.x up to and including 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in ...
Python Python
1 Github repository
4.3
CVSSv2
CVE-2019-9947
An issue exists in urllib2 in Python 2.x up to and including 2.7.16 and urllib in Python 3.x up to and including 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in ...
Python Python
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3