Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/httpcomponents-client@4.5.7-1%2Bdeb10u1
purl pkg:deb/debian/httpcomponents-client@4.5.7-1%2Bdeb10u1
Next non-vulnerable version 4.5.13-2
Latest non-vulnerable version 4.5.13-2
Risk 3.1
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-mrdq-9pb2-3qb5
Aliases:
CVE-2020-13956
GHSA-7r82-7xv7-xcpj
Cross-site scripting in Apache HttpClient Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.
4.5.13-2
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-mrdq-9pb2-3qb5 Cross-site scripting in Apache HttpClient Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution. CVE-2020-13956
GHSA-7r82-7xv7-xcpj

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-15T21:14:09.348895+00:00 Debian Oval Importer Affected by VCID-mrdq-9pb2-3qb5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:09:48.350216+00:00 Debian Oval Importer Fixing VCID-mrdq-9pb2-3qb5 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.4.0
2026-04-11T20:53:56.424395+00:00 Debian Oval Importer Affected by VCID-mrdq-9pb2-3qb5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T14:58:06.609044+00:00 Debian Oval Importer Fixing VCID-mrdq-9pb2-3qb5 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.3.0
2026-04-08T20:33:24.804530+00:00 Debian Oval Importer Affected by VCID-mrdq-9pb2-3qb5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-07T23:30:07.665073+00:00 Debian Oval Importer Fixing VCID-mrdq-9pb2-3qb5 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.1.0