Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2021:1044
HistoryMar 30, 2021 - 4:27 p.m.

(RHSA-2021:1044) Moderate: Red Hat Process Automation Manager 7.10.1 security update

2021-03-3016:27:02
access.redhat.com
105

0.002 Low

EPSS

Percentile

56.7%

JSON

Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management, and enables business and IT users to create, manage, validate, and deploy process applications and decision services.

This release of Red Hat Process Automation Manager 7.10.1 serves as an update to Red Hat Process Automation Manager 7.10.0, and includes bug fixes, which are documented in the Release Notes document linked to in the References.

Security Fix(es):

  • httpclient: apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956)

  • log4j-core: log4j: improper validation of certificate with host mismatch in SMTP appender (CVE-2020-9488)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Related

redhat 20
openvas 9
github 3
ibm 78
veracode 2
nvd 2
debian 4
nessus 38
osv 13
ubuntucve 2
cgr 1
amazon 1
prion 2
debiancve 2
cve 2
cvelist 2
ubuntu 1
almalinux 2
rocky 2
oraclelinux 2
mageia 1
redhatcve 2
wolfi 1
f5 1
freebsd 1
rosalinux 1
attackerkb 1
atlassian 2
gentoo 1
redhat
redhat
(RHSA-2021:0603) Important: Red Hat Decision Manager 7.10.0 security update
2021-02-17 13:36:01
(RHSA-2022:0722) Moderate: rh-maven36-httpcomponents-client security update
2022-03-01 14:04:58
(RHSA-2022:1861) Moderate: maven:3.5 security update
2022-05-10 08:04:48
openvas
openvas
Apache Log4j 2.x < 2.13.2 Information Disclosure Vulnerability - Linux
2021-12-22 00:00:00
Apache Log4j 2.x < 2.13.2 Information Disclosure Vulnerability - Windows
2021-12-22 00:00:00
Debian: Security Advisory (DLA-2405-1)
2020-10-11 00:00:00
github
github
Improper validation of certificate with host mismatch in Apache Log4j SMTP appender
2020-06-05 14:15:51
Vulnerable dependency in XTDB connector
2021-12-16 18:53:32
Cross-site scripting in Apache HttpClient
2021-06-03 23:40:23
ibm
ibm
Security Bulletin: Apache Log4j Vulnerability Affects IBM Control Center (CVE-2020-9488)
2021-07-30 05:03:13
Security Bulletin:Security Bulletin: IBM Content Navigator is affected by a vulnerability in Apache HttpClient ( CVE-2020-13956)
2020-11-09 19:26:57
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache HttpClient
2021-02-27 03:39:51
veracode
veracode
Improper Validation Of Certificate
2020-04-28 07:08:30
Validation Bypass
2020-10-12 04:02:04
nvd
nvd
CVE-2020-9488
2020-04-27 16:15:12
CVE-2020-13956
2020-12-02 17:15:14
debian
debian
[SECURITY] [DSA 4772-1] httpcomponents-client security update
2020-10-14 20:21:34
[SECURITY] [DLA 2405-1] httpcomponents-client security update
2020-10-10 17:12:02
[SECURITY] [DSA 5020-1] apache-log4j2 security update
2021-12-11 19:23:12
nessus
nessus
CentOS 8 : maven:3.5 (CESA-2022:1861)
2022-05-10 00:00:00
AlmaLinux 8 : maven:3.6 (ALSA-2022:1860)
2022-05-12 00:00:00
Rocky Linux 8 : maven:3.5 (RLSA-2022:1861)
2023-11-06 00:00:00
osv
osv
Improper validation of certificate with host mismatch in Apache Log4j SMTP appender
2020-06-05 14:15:51
CVE-2020-9488
2020-04-27 16:15:12
Moderate: maven:3.6 security and enhancement update
2022-05-10 08:04:46
ubuntucve
ubuntucve
CVE-2020-13956
2020-12-02 00:00:00
CVE-2020-9488
2020-04-27 00:00:00
cgr
cgr
CVE-2020-13956 vulnerabilities
2024-05-19 03:07:16
amazon
amazon
Medium: httpcomponents-client
2023-02-17 00:11:00
prion
prion
Input validation
2020-04-27 16:15:00
Cross site request forgery (csrf)
2020-12-02 17:15:00
debiancve
debiancve
CVE-2020-9488
2020-04-27 16:15:12
CVE-2020-13956
2020-12-02 17:15:14
cve
cve
CVE-2020-9488
2020-04-27 16:15:12
CVE-2020-13956
2020-12-02 17:15:14
cvelist
cvelist
CVE-2020-9488
2020-04-27 15:36:10
CVE-2020-13956
2020-12-02 16:20:12
ubuntu
ubuntu
HttpClient vulnerability
2022-08-08 00:00:00
almalinux
almalinux
Moderate: maven:3.6 security and enhancement update
2022-05-10 08:04:46
Moderate: maven:3.5 security update
2022-05-10 08:04:48
rocky
rocky
maven:3.5 security update
2022-05-10 08:04:48
maven:3.6 security and enhancement update
2022-05-10 08:04:46
oraclelinux
oraclelinux
maven:3.5 security update
2022-05-17 00:00:00
maven:3.6 security and enhancement update
2022-05-17 00:00:00
mageia
mageia
Updated httpcomponents-client packages fix a security vulnerability
2021-07-07 02:12:30
redhatcve
redhatcve
CVE-2020-13956
2020-10-08 20:22:11
CVE-2020-9488
2020-05-04 17:40:34
wolfi
wolfi
CVE-2020-13956 vulnerabilities
2024-06-29 09:08:33
f5
f5
K15111130 : log4j 1.2.x vulnerability CVE-2020-9488
2022-02-10 00:00:00
freebsd
freebsd
Apache Maven -- multiple vulnerabilities
2021-04-04 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1909
2021-07-02 17:26:24
attackerkb
attackerkb
CVE-2019-17571
2019-12-20 00:00:00
atlassian
atlassian
Update Atlassian Platform to 3.5.19 to fix CVE-2018-1000613, CVE-2019-17571 and other vulnerabilities
2021-02-03 22:39:15
Update Atlassian Platform to 3.5.19 to fix CVE-2018-1000613, CVE-2019-17571 and other vulnerabilities
2021-02-03 22:39:15
gentoo
gentoo
Apache Log4j: Multiple Vulnerabilities
2024-02-18 00:00:00

0.002 Low

EPSS

Percentile

56.7%

JSON
Related for RHSA-2021:1044
redhat20openvas9github3ibm78veracode2nvd2debian4nessus38osv13ubuntucve2cgr1amazon1prion2debiancve2cve2cvelist2ubuntu1almalinux2rocky2oraclelinux2mageia1redhatcve2wolfi1f51freebsd1rosalinux1attackerkb1atlassian2gentoo1