CVE-2013-4366
N/A
N/A
Summary
http/impl/client/HttpClientBuilder.java in Apache HttpClient 4.3.x before 4.3.1 does not ensure that X509HostnameVerifier is not null, which allows attackers to have unspecified impact via vectors involving hostname verification.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://svn.apache.org/r1528614
- http://www.apache.org/dist/httpcomponents/httpclient/RELEASE_NOTES-4.3.x.txt
References
- http://svn.apache.org/r1528614
- http://www.apache.org/dist/httpcomponents/httpclient/RELEASE_NOTES-4.3.x.txt
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.