Apache HttpClient Public Suffix List Validation Bypass Vulnerability

Vulnerability

A vulnerability exists in Apache HttpClient versions from 5.4.0 up to, but not including, 5.4.3: a bug in the Public Suffix List (PSL) validation logic disables essential domain checks. Because both cookie management and host name verification rely on those checks, the flaw can lead to unauthorized access or information disclosure. The issue was discovered by the Apache HttpClient team and is fixed in version 5.4.3.

Impact

Exploitation of this vulnerability bypasses Public Suffix List validation, disrupting cookie management and host name verification. This could result in unauthorized access or information disclosure.
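As an added illustration, not code from HttpClient or from this advisory, the following Python reference model shows what the Public Suffix List checks mentioned above protect: a cookie whose Domain attribute is a public suffix (such as co.uk) must be dropped, and a wildcard certificate name must not cover a whole public suffix. The RULES list is a constructed excerpt in publicsuffix.org syntax, not the real list.

```python
# Added reference model (not HttpClient code) of the Public Suffix List checks
# the advisory says are disabled in HttpClient 5.4.0-5.4.2. RULES is a constructed
# excerpt in publicsuffix.org syntax: '*' is a wildcard label, '!' an exception.
RULES = ["com", "uk", "co.uk", "jp", "tokyo.jp", "*.tokyo.jp",
         "!metro.tokyo.jp", "example", "*.compute.example"]

def _labels(name):
    return name.lower().strip(".").split(".")

def public_suffix(host):
    """Longest matching rule wins; an exception rule beats wildcards and yields
    a suffix one label shorter; no match means the last label (implicit '*')."""
    hl = _labels(host)
    best = 1
    for rule in RULES:
        exception = rule.startswith("!")
        rl = _labels(rule.lstrip("!"))
        if len(rl) > len(hl):
            continue
        if not all(r in ("*", h) for r, h in zip(rl, hl[-len(rl):])):
            continue
        if exception:
            return ".".join(hl[-(len(rl) - 1):])
        best = max(best, len(rl))
    return ".".join(hl[-best:])

def accept_cookie_domain(request_host, cookie_domain):
    """Cookie Domain handling per RFC 6265 s.5.3 with the PSL step.
    Returns the effective domain, or None when the cookie must be dropped."""
    host = ".".join(_labels(request_host))
    dom = ".".join(_labels(cookie_domain))
    if public_suffix(dom) == dom:
        # Domain=co.uk would expose the cookie to every site under co.uk;
        # allow it only as a host-only cookie for co.uk itself.
        return host if dom == host else None
    if host != dom and not host.endswith("." + dom):
        return None  # Domain does not domain-match the request host
    return dom

def wildcard_cert_matches(host, dns_id):
    """RFC 6125 s.6.4.3 wildcard matching: '*' only as the whole leftmost
    label, matching exactly one label, and never spanning a public suffix."""
    if not dns_id.startswith("*."):
        return _labels(host) == _labels(dns_id)
    base = _labels(dns_id[2:])
    if public_suffix(".".join(base)) == ".".join(base):
        return False  # *.co.uk would match every second-level .co.uk site
    hl = _labels(host)
    return len(hl) == len(base) + 1 and hl[1:] == base
```

With the PSL step removed, accept_cookie_domain would return "co.uk" for the first rejected case and wildcard_cert_matches would accept *.co.uk, which is the class of failure the advisory describes.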

Remediation

Users are advised to upgrade to Apache HttpClient version 5.4.3, which addresses this vulnerability.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread          7.8
impact          5.0
exploitability  4.7
remediation     7.7
relevance       0.0
threat          0.0
urgency         2.9
incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.