Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.apache.httpcomponents.client5/httpclient5@5.4-alpha1
purl pkg:maven/org.apache.httpcomponents.client5/httpclient5@5.4-alpha1
Next non-vulnerable version 5.4.3
Latest non-vulnerable version 5.4.3
Risk 4.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-amws-s4rx-n7fb
Aliases:
CVE-2025-27820
GHSA-73m2-qfq3-56cx
Apache HttpClient disables domain checks A bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, affecting cookie management and host name verification. Discovered by the Apache HttpClient team. Fixed in the 5.4.3 release.
5.4.3
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T23:27:14.681791+00:00 GitLab Importer Affected by VCID-amws-s4rx-n7fb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.httpcomponents.client5/httpclient5/CVE-2025-27820.yml 38.4.0
2026-04-12T00:46:44.249340+00:00 GitLab Importer Affected by VCID-amws-s4rx-n7fb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.httpcomponents.client5/httpclient5/CVE-2025-27820.yml 38.3.0
2026-04-07T04:57:38.965969+00:00 GHSA Importer Affected by VCID-amws-s4rx-n7fb https://github.com/advisories/GHSA-73m2-qfq3-56cx 38.1.0
2026-04-03T00:54:44.447294+00:00 GitLab Importer Affected by VCID-amws-s4rx-n7fb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.httpcomponents.client5/httpclient5/CVE-2025-27820.yml 38.1.0
2026-04-02T12:41:18.492163+00:00 GitLab Importer Affected by VCID-amws-s4rx-n7fb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.httpcomponents.client5/httpclient5/CVE-2025-27820.yml 38.0.0