sonatype-2017-0359

sonatype-2017-0359

org.apache.httpcomponents:httpclient - Directory Traversal

Published Sep 25, 2017

CVSS ScoreHigh

7.5

sonatype-2017-0359

org.apache.httpcomponents:httpclient - Directory Traversal

Published Sep 25, 2017

CVSS ScoreHigh

7.5

CVE ID: sonatype-2017-0359
CWE: N/A
CVE Description: org.apache.httpcomponents:httpclient - Directory Traversal
Published: Sep 25, 2017
CVSS Score & Severity: 7.5High
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score: 0%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Vulnerable Methods: org/apache/hc/core5/net/URIBuilder.normalizePath(Ljava/lang/String;)Ljava/lang/String;
JVMVulnerable params: 0
org/apache/http/client/utils/URIBuilder.normalizePath(Ljava/lang/String;)Ljava/lang/String;
JVMVulnerable params: 0
org/apache/http/client/utils/URIUtils.normalizePath(Ljava/lang/String;)Ljava/lang/String;
JVMVulnerable params: 0
Affected Ecosystems: affected
Source: Sonatype
References: Apache Jira · HTTPCLIENT-1803PROJECT

CVE ID: sonatype-2017-0359
CWE: N/A
CVE Description: org.apache.httpcomponents:httpclient - Directory Traversal
Published: Sep 25, 2017
CVSS Score & Severity: 7.5High
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score: 0%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Vulnerable Methods: org/apache/hc/core5/net/URIBuilder.normalizePath(Ljava/lang/String;)Ljava/lang/String;
JVMVulnerable params: 0
org/apache/http/client/utils/URIBuilder.normalizePath(Ljava/lang/String;)Ljava/lang/String;
JVMVulnerable params: 0
org/apache/http/client/utils/URIUtils.normalizePath(Ljava/lang/String;)Ljava/lang/String;
JVMVulnerable params: 0
Affected Ecosystems: affected
Source: Sonatype
References: Apache Jira · HTTPCLIENT-1803PROJECT

Find vulnerabilities. Fix fast with AI.