Every CVE whose affected-product data names Apache Olingo, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2019-17556 — CVSS 9.8 (critical): Apache Olingo versions 4.0.0 to 4.6.0 provide the AbstractService class, which is public API, uses ObjectInputStream and doesn't check…
CVE-2019-17555 — CVSS 7.5 (high): The AsyncResponseWrapperImpl class in Apache Olingo versions 4.0.0 to 4.6.0 reads the Retry-After header and passes it to the…
CVE-2020-1925 — CVSS 7.5 (high): Apache Olingo versions 4.0.0 to 4.7.0 provide the AsyncRequestWrapperImpl class which reads a URL from the Location header, and then sends…
CVE-2019-17554 — CVSS 5.5 (medium): The XML content type entity deserializer in Apache Olingo versions 4.0.0 to 4.6.0 is not configured to deny the resolution of external…