Message-ID: <CAGSZ4d4B8qc1ppMhJefgatohZGUi4AriEPtSijBHUO3u2daKNg@mail.gmail.com>
Date: Wed, 8 Jan 2020 06:49:31 +0100
From: mibo <mibo@...che.org>
To: oss-security@...ts.openwall.com
Subject: [SECURITY] CVE-2020-1925: Possible SSRF in AsyncResponseWrapperImpl

CVE-2020-1925: Possible SSRF in AsyncResponseWrapperImpl

Severity: Important
Vendor: The Apache Software Foundation

Versions Affected:
Olingo 4.0.0 to 4.7.0
The OData v2 versions of Olingo 2.x are not affected

Description:
The AsyncRequestWrapperImpl class reads a URL from the Location
header of a response and then sends a GET or DELETE request to that
URL. This may allow an SSRF attack: if an attacker tricks a client into
connecting to a malicious server, that server can make the client
request any URL, including internal resources that are not directly
accessible to the attacker.
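The defensive check a client should apply before following such a Location header, as an added example (not Olingo's code): refuse any target whose scheme or origin differs from the service the client deliberately connected to, so a response cannot steer the client toward arbitrary or internal hosts. The service URL and the response values are constructed for illustration.

```python
from typing import Optional, Sequence, Tuple, List
from urllib.parse import urlparse, urljoin

# Constructed example: the service the client intentionally called.
SERVICE_URL = "https://odata.example.com/service/$batch"


def safe_async_location(original_url: str, location: str) -> Optional[str]:
    """Return the URL the client may poll, or None if the Location must be ignored.

    Policy (assumed, not Olingo's): the status URL must use the same scheme,
    host and port as the original request. Relative Locations are resolved
    against the original URL, which keeps them on that origin by construction.
    """
    base = urlparse(original_url)
    target = urlparse(urljoin(original_url, location))
    if target.scheme not in ("http", "https"):
        return None                      # file:, gopher:, etc. are never followed
    if target.scheme != base.scheme:
        return None                      # no https -> http downgrade
    if target.username is not None or target.password is not None:
        return None                      # "host@attacker" confusions are rejected
    if target.netloc.lower() != base.netloc.lower():
        return None                      # cross-origin: refuse to follow
    return target.geturl()


def plan_polls(original_url: str,
               responses: Sequence[dict]) -> Tuple[List[str], List[str]]:
    """Walk constructed async responses; return (followed, refused) Locations."""
    followed, refused = [], []
    for resp in responses:
        loc = resp.get("Location")
        if loc is None:
            continue
        allowed = safe_async_location(original_url, loc)
        (followed if allowed else refused).append(loc)
    return followed, refused


# Constructed responses: one legitimate status monitor, three hostile ones.
SAMPLE_RESPONSES = [
    {"status": 202, "Location": "/service/monitor/42"},
    {"status": 202, "Location": "http://169.254.169.254/latest/meta-data/"},
    {"status": 202, "Location": "https://odata.example.com@attacker.example/x"},
    {"status": 202, "Location": "file:///etc/hosts"},
]
```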

Mitigation:
4.x.x users should upgrade to 4.7.1

Credit:
This issue was discovered by Artem Smotrakov of SAP SE.

Links:
https://issues.apache.org/jira/browse/OLINGO-1416
