org.apache.httpcomponents:httpclient@4.3-beta2 vulnerabilities
-
latest version
4.5.14
-
latest non vulnerable version
-
first published
17 years ago
-
latest version published
2 years ago
-
licenses detected
- [4.0-alpha1,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.apache.httpcomponents:httpclient package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.apache.httpcomponents:httpclient is a HttpClient component of the Apache HttpComponents project. Affected versions of this package are vulnerable to Improper Input Validation. Apache HttpClient can misinterpret malformed authority component in request URIs passed to the library as How to fix Improper Input Validation? Upgrade |
[,4.5.13)
|
org.apache.httpcomponents:httpclient is a HttpClient component of the Apache HttpComponents project. Affected versions of this package are vulnerable to Directory Traversal.
String input by user is not validated for the presence of leading character How to fix Directory Traversal? Upgrade |
[,4.5.3)
|
org.apache.httpcomponents:httpclient is a HttpClient component of the Apache HttpComponents project. Affected versions of this package are vulnerable to Denial of Service (DoS) via the How to fix Denial of Service (DoS)? Upgrade |
[4.3-alpha1,4.3.6)
|
org.apache.httpcomponents:httpclient is an HttpClient component of the Apache HttpComponents project. Affected versions of this package are vulnerable to Man-in-the-Middle (MitM) due to not verify the requesting server's hostname against existing domain names in the SSL Certificate. The How to fix Man-in-the-Middle (MitM)? Upgrade |
[4.0-alpha1,4.3.4)
|