Httpasyncclient Apache Httpasyncclient

Do you want an email whenever new security vulnerabilities are reported in Apache Httpasyncclient?

By the Year

In 2024 there have been 0 vulnerabilities in Apache Httpasyncclient . Httpasyncclient did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 0 0.00
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Httpasyncclient vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Apache Httpasyncclient Security Vulnerabilities

org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify

CVE-2014-3577 - August 21, 2014

org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a "CN=" string in a field in the distinguished name (DN) of a certificate, as demonstrated by the "foo,CN=www.apache.org" string in the O field.

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Apache Httpclient or by Apache? Click the Watch button to subscribe.

Apache
Vendor

subscribe