http/impl/client/HttpClientBuilder.java in Apache HttpClient 4.3.x prior to 4.3.1 does not ensure that X509HostnameVerifier is not null, which allows malicious users to have unspecified impact via vectors involving hostname verification.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache httpclient 4.3 |