Apache » Httpclient : Security Vulnerabilities, CVEs, CVSS score >= 6
http/impl/client/HttpClientBuilder.java in Apache HttpClient 4.3.x before 4.3.1 does not ensure that X509HostnameVerifier is not null, which allows attackers to have unspecified impact via vectors involving hostname verification.
Max CVSS
9.8
EPSS Score
0.11%
Published
2017-10-30
Updated
2020-07-28
1 vulnerabilities found