Описание
Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | not-affected | 4.5.13-1 |
| esm-apps/bionic | released | 4.5.5-1ubuntu0.1~esm1 |
| esm-apps/focal | released | 4.5.11-1ubuntu0.1~esm1 |
| esm-apps/jammy | not-affected | 4.5.13-1 |
| esm-apps/noble | not-affected | 4.5.13-1 |
| esm-apps/xenial | released | 4.5.1-1ubuntu0.1~esm1 |
| esm-infra-legacy/trusty | not-affected | 4.3.3-1ubuntu0.1+esm2 |
| focal | ignored | end of standard support, was needed |
| groovy | ignored | end of life |
Показывать по
EPSS
5 Medium
CVSS2
5.3 Medium
CVSS3
Связанные уязвимости
Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.
Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.
Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misin ...
Security update for httpcomponents-client, httpcomponents-core
EPSS
5 Medium
CVSS2
5.3 Medium
CVSS3