[jira] [Created] (HTTPCLIENT-1551) CVE-2014-3577 Is MITM possible in commons httpclient 3.x

pavan (JIRA) Thu, 04 Sep 2014 22:34:21 -0700

pavan created HTTPCLIENT-1551:
---------------------------------

             Summary: CVE-2014-3577 Is MITM possible in commons httpclient 3.x
                 Key: HTTPCLIENT-1551
                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1551
             Project: HttpComponents HttpClient
          Issue Type: Bug
          Components: HttpClient
    Affects Versions: 3.1 (end of life)
            Reporter: pavan
            Priority: Critical



Recently there was a CVE CVE-2014-3577 which can by pass hostname verification 
during ssl handshake. We know Commons HTTPCLIENT 3.1 is EOL but just wanted to 
check whether this issue feasible to this EOL version or not.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Created] (HTTPCLIENT-1551) CVE-2014-3577 Is MITM possible in commons httpclient 3.x

Reply via email to