Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3
CVE-2013-7398
- EPSS 1.23%
- Published 24.06.2015 16:59:01
- Last modified 12.04.2025 10:46:40
main/java/com/ning/http/client/AsyncHttpClientConfig.java in Async Http Client (aka AHC or async-http-client) before 1.9.0 does not require a hostname match during verification of X.509 certificates, which allows man-in-the-middle attackers to spoof ...
4.3
CVE-2013-7397
- EPSS 1.06%
- Published 24.06.2015 16:59:00
- Last modified 12.04.2025 10:46:40
Async Http Client (aka AHC or async-http-client) before 1.9.0 skips X.509 certificate verification unless both a keyStore location and a trustStore location are explicitly set, which allows man-in-the-middle attackers to spoof HTTPS servers by presen...
1