CVE-2025-27820 – Apache HttpClient Domain Check Bypass Vulnerability

April 24, 2025

CVE ID : CVE-2025-27820

Published : April 24, 2025, 12:15 p.m. | 2 hours, 44 minutes ago

Description : A bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, affecting cookie management and host name verification. Discovered by the Apache HttpClient team. Fixed in the 5.4.3 release

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-46420 – Libsoup Memory Leak Vulnerability

Next Article Redis DoS Vulnerability: Attackers Can Exhaust Server Memory or Cause Crashes

The Value-Driven AI Roadmap

This week in AI updates: Mistral’s new Le Chat features, ChatGPT updates, and more (September 5, 2025)

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

Lenovo Legion Go 2 specs unveiled: The handheld gaming device to watch this October

As Windows 10 support ends, users weigh costly extended security program against upgrading to Windows 11

Lenovo’s Legion Glasses 2 update could change handheld gaming

Is Lenovo’s refreshed LOQ tower enough to compete? New OLED monitors raise the stakes at IFA 2025

External Forces Reshaping Financial Services in 2025 and Beyond

External Forces Reshaping Financial Services in 2025 and Beyond

Why It’s Time to Move from SharePoint On-Premises to SharePoint Online

Apple’s Big Move: The Future of Mobile

Lenovo Legion Go 2 specs unveiled: The handheld gaming device to watch this October

Lenovo Legion Go 2 specs unveiled: The handheld gaming device to watch this October

As Windows 10 support ends, users weigh costly extended security program against upgrading to Windows 11

Lenovo’s Legion Glasses 2 update could change handheld gaming

CVE-2025-27820 – Apache HttpClient Domain Check Bypass Vulnerability

20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack

TOR-Based Cryptojacking Attack Expands Through Misconfigured Docker APIs

GPT-5 is finally here, and you can access it for free today – no subscription needed

CVE-2025-30330 – Adobe Illustrator Heap-based Buffer Overflow Vulnerability

Chaos Testing Explained

CVE-2025-28021 – TOTOLINK A810R Buffer Overflow Vulnerability

Promise.try for Unified Sync and Async Error Handling

CVE-2025-5186 – Thinkgem JeeSite SSRF

Perficient Included in IDC Market Glance: Payer, 1Q25

The next chapter of our Gemini era

CVE-2025-27820 – Apache HttpClient Domain Check Bypass Vulnerability

Related Posts