K000151334: Apache HttpClient vulnerability CVE-2025-27820

Security Advisory Description A bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, affecting cookie management and host name verification. Discovered by the Apache HttpClient team. Fixed in the 5.4.3 release CVE-2025-27820 Impact There is no impact; F5 products are not...

Apache HttpClient Logic Error Vulnerability

Apache HttpClient is the United States Apache Apache Foundation of a Java written to access HTTP resources client program. The program is used to access network resources using the HTTP protocol. A logic error vulnerability exists in Apache HttpClient versions prior to 5.4.3, which stems from a P...

Security Bulletin: Due to the use of Apache HttpClient, IBM EntireX is vulnerable to security restrictions being bypassed (CVE-2020-13956).

Summary Due to the use of Apache HttpClient, IBM EntireX is vulnerable to security restrictions being bypassed CVE-2020-13956. Apache HttpClient has been removed from IBM EntireX in order to address the vulnerability. Vulnerability Details CVEID:CVE-2020-13956 DESCRIPTION: Apache HttpClient could...

CentOS 8 : maven:3.5 (CESA-2022:1861)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2022:1861 advisory. - apache-httpclient: incorrect handling of malformed authority component in request URIs CVE-2020-13956 Note that Nessus has not tested for this issue but has...