Lucene search

K
githubGitHub Advisory DatabaseGHSA-GW85-4GMF-M7RH
HistoryMay 17, 2022 - 5:39 a.m.

Exposure of Sensitive Information to an Unauthorized Actor in Apache HttpClient

2022-05-1705:39:03
CWE-200
GitHub Advisory Database
github.com
17

0.002 Low

EPSS

Percentile

59.8%

Apache HttpClient 4.x before 4.1.1 in Apache HttpComponents, when used with an authenticating proxy server, sends the Proxy-Authorization header to the origin server, which allows remote web servers to obtain sensitive information by logging this header.

0.002 Low

EPSS

Percentile

59.8%