Apache Httpasyncclient
By the Year
In 2024 there have been 0 vulnerabilities in Apache Httpasyncclient . Httpasyncclient did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Httpasyncclient vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Apache Httpasyncclient Security Vulnerabilities
org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify
CVE-2014-3577
- August 21, 2014
org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a "CN=" string in a field in the distinguished name (DN) of a certificate, as demonstrated by the "foo,CN=www.apache.org" string in the O field.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Apache Httpclient or by Apache? Click the Watch button to subscribe.