Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2020-13956

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution. (CVE-2020-13956)

Source

ALAS2-2023-1946

Amazon Linux 2 Security Advisory: ALAS-2023-1946
Advisory Release Date: 2023-02-17 00:11 Pacific
Advisory Updated Date: 2023-02-22 01:55 Pacific

Severity: Medium

References: CVE-2020-13956
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution. (CVE-2020-13956)

Affected Packages:

httpcomponents-client

Issue Correction:
pkg_manager = 'yum'Run update httpcomponents-client to update your system.

New Packages:

noarch:
    httpcomponents-client-4.2.5-5.amzn2.0.1.noarch
    httpcomponents-client-javadoc-4.2.5-5.amzn2.0.1.noarch

src:
    httpcomponents-client-4.2.5-5.amzn2.0.1.src

Additional References

Red Hat: CVE-2020-13956

Mitre: CVE-2020-13956

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

ALAS2-2023-1946

ALAS2-2023-1946

Additional References

Vulmon Search

About

Products

Connect