Package impact
Maven / org.apache.httpcomponents:httpclient
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2013-4366 | critical | 9.8 | 9.8 | 9y ago | Hostname verification in Apache HttpClient 4.3 was disabled by default | |
| CVE-2014-3577 | medium | — | 5.8 | 12y ago | Improper Verification of Cryptographic Signature in org.apache.httpcomponents:httpclient | |
| CVE-2020-13956 | medium | — | 5.5 | 5y ago | Cross-site scripting in Apache HttpClient | |
| CVE-2015-5262 | medium | — | 4.3 | 11y ago | Denial of service vulnerability in org.apache.httpcomponents:httpclient | |
| CVE-2012-6153 | medium | — | 4.3 | 12y ago | Improper certificate validation in org.apache.httpcomponents:httpclient | |
| CVE-2011-1498 | medium | — | 4.3 | 15y ago | Exposure of Sensitive Information to an Unauthorized Actor in Apache HttpClient |