Apache Olingo
3 CVEs affecting Apache Olingo. Latest disclosed: 2019-12-04. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-17555 | | 2019-12-04 | The AsyncResponseWrapperImpl class in Apache Olingo versions 4.0.0 to 4.6.0 reads the Retry-After header and passes it to the Thread.sleep() method without any… | |
CVE-2019-17556 | | 2019-12-04 | Apache Olingo versions 4.0.0 to 4.6.0 provide the AbstractService class, which is public API, uses ObjectInputStream and doesn't check classes being deserializ… | |
CVE-2019-17554 | | 2019-12-04 | The XML content type entity deserializer in Apache Olingo versions 4.0.0 to 4.6.0 is not configured to deny the resolution of external entities. Request with c… |