Lucene search
PRIOn knowledge basePRION:CVE-2013-4366HistoryOct 30, 2017 - 7:29 p.m.
Design/Logic Flaw
2017-10-3019:29:00
PRIOn knowledge base
www.prio-n.com
1
http/impl/client/HttpClientBuilder.java in Apache HttpClient 4.3.x before 4.3.1 does not ensure that X509HostnameVerifier is not null, which allows attackers to have unspecified impact via vectors involving hostname verification.
| CPE | Name | Operator | Version |
|---|---|---|---|
| httpclient | eq | 4.3 beta1 | |
| httpclient | eq | 4.3 | |
| httpclient | eq | 4.3 beta2 | |
| httpclient | eq | 4.3 alpha1 |
Related
nvd
nvd
CVE-2013-4366
2017-10-30 19:29:00
cve
cve
CVE-2013-4366
2017-10-30 19:29:00
github
github
Hostname verification in Apache HttpClient 4.3 was disabled by default
2022-05-13 01:25:03
debiancve
debiancve
CVE-2013-4366
2017-10-30 19:29:00
cvelist
cvelist
CVE-2013-4366
2017-10-30 19:00:00
ubuntucve
ubuntucve
CVE-2013-4366
2017-10-30 00:00:00
osv
osv
Hostname verification in Apache HttpClient 4.3 was disabled by default
2022-05-13 01:25:03
veracode
veracode
Insecure Hostname Verification Defaults
2017-06-26 20:23:38
