CVE-2025-27820 vulnerabilities

🗓️ 07 Jan 2026 01:51:23Reported by WolfiType

CVE-2025-27820 vulnerabilities in OpenSearch packages on Unix.

Reporter	Title	Published	Views	Family All 40
IBM Security Bulletins	Security Bulletin: A bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, which affects IBM watsonx.data	1 Sep 202514:52	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an Improper Access Control vulnerability in Apache HttpClient [CVE-2025-27820]	28 Aug 202517:04	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses A bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, affecting cookie management and host name verification. Discovered by the Apache HttpClient team.	9 May 202509:06	–	ibm
IBM Security Bulletins	Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in httpclient5-5.4.2.jar	11 Jul 202511:33	–	ibm
Atlassian	Third-Party Dependency in Bamboo Data Center and Server	8 Jul 202505:09	–	atlassian
Atlassian	MITM (Man-in-the-Middle) org.apache.httpcomponents.client5:httpclient5 Dependency in Confluence Data Center and Server	2 Jul 202504:09	–	atlassian
Atlassian	MITM (Man-in-the-Middle) org.apache.httpcomponents.client5:httpclient5 Dependency in Jira Software Data Center and Server	5 Jul 202505:09	–	atlassian
BDU FSTEC	The vulnerability of the PSL validation mechanism in the Apache HttpClient client module of Apache HttpComponents allows a attacker to perform a CSRF attack.	28 Apr 202500:00	–	bdu_fstec
Chainguard	CVE-2025-27820 vulnerabilities	26 Apr 202501:14	–	cgr
Circl	CVE-2025-27820	24 Apr 202512:06	–	circl