Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache httpclient |
||
quarkus quarkus |
||
oracle data integrator 12.2.1.3.0 |
||
oracle data integrator 12.2.1.4.0 |
||
oracle jd edwards enterpriseone orchestrator |
||
oracle jd edwards enterpriseone tools |
||
oracle nosql database |
||
oracle peoplesoft enterprise peopletools 8.57 |
||
oracle peoplesoft enterprise peopletools 8.58 |
||
oracle peoplesoft enterprise pt peopletools 8.57 |
||
oracle peoplesoft enterprise pt peopletools 8.58 |
||
oracle peoplesoft enterprise pt peopletools 8.59 |
||
oracle primavera unifier |
||
oracle primavera unifier 16.1 |
||
oracle primavera unifier 16.2 |
||
oracle primavera unifier 18.8 |
||
oracle primavera unifier 19.12 |
||
oracle primavera unifier 20.12 |
||
oracle retail customer management and segmentation foundation |
||
oracle spatial studio |
||
oracle sql developer |
||
netapp active iq unified manager - |
||
netapp snapcenter - |
||
oracle commerce guided search 11.3.2 |
||
oracle communications cloud native core service communication proxy 1.14.0 |
||
oracle weblogic server 12.2.1.4.0 |
||
oracle weblogic server 14.1.1.0.0 |