Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
http/impl/client/HttpClientBuilder.java in Apache HttpClient 4.3.x before 4.3.1 does not ensure that X509HostnameVerifier is not null, which allows attackers to have unspecified impact via vectors involving hostname verification.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apache HttpClient 输入验证错误漏洞
Vulnerability Description
Apache HttpClient是美国阿帕奇(Apache)软件基金会的一个用来提供高效的支持HTTP协议的客户端编程工具包。 Apache HttpClient 4.3.1之前的4.3.x版本中的http/impl/client/HttpClientBuilder.java文件存在输入验证错误漏洞。攻击者可利用该漏洞绕过安全限制,执行未授权的操作。
CVSS Information
N/A
Vulnerability Type
N/A