Описание
A bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, affecting cookie management and host name verification. Discovered by the Apache HttpClient team. Fixed in the 5.4.3 release
Ссылки
- Issue TrackingPatch
- Issue TrackingPatch
- Product
- Mailing ListPatch
- Third Party Advisory
Уязвимые конфигурации
EPSS
7.5 High
CVSS3
Дефекты
Связанные уязвимости
A bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, affecting cookie management and host name verification. Discovered by the Apache HttpClient team. Fixed in the 5.4.3 release
A bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, affecting cookie management and host name verification. Discovered by the Apache HttpClient team. Fixed in the 5.4.3 release
A bug in PSL validation logic in Apache HttpClient 5.4.x disables doma ...
Уязвимость механизма PSL validation клиентского модуля Apache HttpClient средства Apache HttpComponents, позволяющая нарушителю осуществить CSRF-атаку
EPSS
7.5 High
CVSS3