EUVD-2022-25598

Malicious code in bioql PyPI...

UBUNTU-CVE-2024-40662

In scheme of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Input validation

In HierarchicalUri.readFrom of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to a local escalation of privilege, preventing processes from validating URIs correctly, with no additional execution privileges needed. User...

apache-httpclient: incorrect handling of malformed authority component in request URIs

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution...

Cross site request forgery (csrf)

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution...

Debian DLA-2405-1 : httpcomponents-client security update

Oleg Kalnichevski discovered that httpcomponents-client, a Java library for building HTTP-aware applications, can misinterpret a malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution. For Debian 9 stretch,...

CVE-2020-13956

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution...