CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-11021 – HTTP request which redirect to another hostname do not strip authorization header in Actions Http-Client
https://notcve.org/view.php?id=CVE-2020-11021
29 Apr 2020 — Actions Http-Client (NPM @actions/http-client) before version 1.0.8 can disclose Authorization headers to incorrect domain in certain redirect scenarios. The conditions in which this happens are if consumers of the http-client: 1. make an http request with an authorization header 2. that request leads to a redirect (302) and 3. the redirect url redirects to another domain or hostname Then the authorization header will get passed to the other domain. The problem is fixed in version 1.0.8. Actions Http-Client... • https://github.com/ossf-cve-benchmark/CVE-2020-11021 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.8EPSS: 1%CPEs: 2EXPL: 0CVE-2013-7397 – async-http-client: SSL/TLS certificate verification is disabled under certain conditions
https://notcve.org/view.php?id=CVE-2013-7397
17 Apr 2015 — Async Http Client (aka AHC or async-http-client) before 1.9.0 skips X.509 certificate verification unless both a keyStore location and a trustStore location are explicitly set, which allows man-in-the-middle attackers to spoof HTTPS servers by presenting an arbitrary certificate during use of a typical AHC configuration, as demonstrated by a configuration that does not send client certificates. Async Http Client (también conocido como AHC o async-http-client) anterior a 1.9.0 salta la verificación los certi... • http://openwall.com/lists/oss-security/2014/08/26/1 • CWE-295: Improper Certificate Validation CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 5.8EPSS: 1%CPEs: 2EXPL: 0CVE-2013-7398 – async-http-client: missing hostname verification for SSL certificates
https://notcve.org/view.php?id=CVE-2013-7398
17 Apr 2015 — main/java/com/ning/http/client/AsyncHttpClientConfig.java in Async Http Client (aka AHC or async-http-client) before 1.9.0 does not require a hostname match during verification of X.509 certificates, which allows man-in-the-middle attackers to spoof HTTPS servers via an arbitrary valid certificate. main/java/com/ning/http/client/AsyncHttpClientConfig.java en Async Http Client (también conocido como AHC o async-http-client) anterior a 1.9.0 no requiere una coincidencia de nombre de anfitrión durante la verif... • http://openwall.com/lists/oss-security/2014/08/26/1 • CWE-297: Improper Validation of Certificate with Host Mismatch CWE-345: Insufficient Verification of Data Authenticity •