Metrics
Affected Vendors & Products
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Wed, 16 Jul 2025 15:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Apache
Apache httpclient Netapp Netapp ontap Tools |
|
CPEs | cpe:2.3:a:apache:httpclient:*:*:*:*:*:*:*:* cpe:2.3:a:netapp:ontap_tools:10:*:*:*:*:vmware_vsphere:*:* |
|
Vendors & Products |
Apache
Apache httpclient Netapp Netapp ontap Tools |
Fri, 16 May 2025 23:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Tue, 29 Apr 2025 03:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
threat_severity
|
Thu, 24 Apr 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-295 | |
Metrics |
cvssV3_1
|
Thu, 24 Apr 2025 12:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, affecting cookie management and host name verification. Discovered by the Apache HttpClient team. Fixed in the 5.4.3 release | |
Title | Apache HttpComponents: PSL (Public Suffix List) validation bypass | |
References |
|

Status: PUBLISHED
Assigner: apache
Published:
Updated: 2025-06-04T11:20:12.764Z
Reserved: 2025-03-07T12:47:46.839Z
Link: CVE-2025-27820

Updated: 2025-05-16T23:03:12.237Z

Status : Analyzed
Published: 2025-04-24T12:15:16.723
Modified: 2025-07-16T14:48:52.213
Link: CVE-2025-27820


No data.