Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache httpclient |
||
quarkus quarkus |
||
oracle primavera unifier 16.2 |
||
oracle primavera unifier 16.1 |
||
oracle peoplesoft enterprise peopletools 8.57 |
||
oracle primavera unifier 18.8 |
||
oracle data integrator 12.2.1.3.0 |
||
oracle primavera unifier |
||
oracle peoplesoft enterprise peopletools 8.58 |
||
oracle primavera unifier 19.12 |
||
oracle data integrator 12.2.1.4.0 |
||
oracle primavera unifier 20.12 |
||
oracle peoplesoft enterprise pt peopletools 8.57 |
||
oracle nosql database |
||
oracle peoplesoft enterprise pt peopletools 8.59 |
||
oracle peoplesoft enterprise pt peopletools 8.58 |
||
oracle retail customer management and segmentation foundation |
||
oracle sql developer |
||
oracle spatial studio |
||
oracle jd edwards enterpriseone tools |
||
oracle jd edwards enterpriseone orchestrator |
||
netapp snapcenter - |
||
netapp active iq unified manager - |
||
oracle weblogic server 12.2.1.4.0 |
||
oracle weblogic server 14.1.1.0.0 |
||
oracle commerce guided search 11.3.2 |
||
oracle communications cloud native core service communication proxy 1.14.0 |