CVE-2019-17555 is a vulnerability in Apache Olingo
Published on December 4, 2019
The AsyncResponseWrapperImpl class in Apache Olingo versions 4.0.0 to 4.6.0 reads the Retry-After header and passes it to the Thread.sleep() method without any check. If a malicious server returns a huge value in the header, then it can help to implement a DoS attack.
Products Associated with CVE-2019-17555
Want to know whenever a new CVE is published for Apache Olingo? stack.watch will email you.
Affected Versions
Apache Olingo Version 4.0.0 to 4.6.0 is affected by CVE-2019-17555Exploit Probability
EPSS
2.20%
Percentile
84.17%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.