Tag Archives: Olingo

CVE-2019-17556: Unsafe deserialization in Apache Olingo

Some time ago I wrote about one security issue which I found in the library. This post describes another little vulnerability in Apache Olingo. The issue has been fixed in the 4.7.0 release as well.

By the way, Apache Olingo is a Java library that implements the Open Data Protocol (OData). This protocol allows the creation and consumption of queryable and interoperable RESTful APIs in a simple way.


CVE-2019-17555: DoS via Retry-After header in Apache Olingo

Apache Olingo is a Java library that implements the Open Data Protocol (OData). This protocol allows the creation and consumption of queryable and interoperable RESTful APIs in a simple way.

This post describes a little vulnerability that I recently discovered in Apache Olingo. The issue has been fixed in the 4.7.0 release.
