2 matches found
GHSA-PQWH-44JJ-P5RM Hostname verification in Apache HttpClient 4.3 was disabled by default
http/impl/client/HttpClientBuilder.java in Apache HttpClient 4.3.x before 4.3.1 does not ensure that X509HostnameVerifier is not null, which allows attackers to have unspecified impact via vectors involving hostname verification...
Unspecified Vulnerability in Apache HttpClient
Apache HttpClient is the United States Apache Apache Software Foundation is used to provide efficient support for the HTTP protocol client programming toolkit. A security vulnerability exists in the http/impl/client/HttpClientBuilder.java file in version 4.3.x of Apache HttpClient prior to 4.3.1...