http/impl/client/HttpClientBuilder.java in Apache HttpClient 4.3.x before 4.3.1 does not ensure that X509HostnameVerifier is not null, which allows attackers to have unspecified impact via vectors involving hostname verification.

http/impl/client/HttpClientBuilder.java in Apache HttpClient 4.3.x before 4.3.1 does not ensure that X509HostnameVerifier is not null, which allows attackers to have unspecified impact via vectors involving hostname verification.

http/impl/client/HttpClientBuilder.java in Apache HttpClient 4.3.x bef ...

Hostname verification in Apache HttpClient 4.3 was disabled by default

Уязвимость клиентского модуля Apache HttpClient средства Apache HttpComponents (http/impl/client/HttpClientBuilder.java), позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации