CVE-2025-27820

NVD

https://nvd.nist.gov/vuln/detail/CVE-2025-27820

Severity

7.5

High

CVSS V3

Eliminate CVEs with Chainguard hardened images

Build, ship, and run secure software with minimal, hardened container images — rebuilt from source daily and guarded under our industry-leading remediation SLA.

Start for free

Description

A bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, affecting cookie management and host name verification. Discovered by the Apache HttpClient team. Fixed in the 5.4.3 release

References

https://nvd.nist.gov/vuln/detail/CVE-2025-27820
https://github.com/advisories/GHSA-73m2-qfq3-56cx
https://hc.apache.org/httpcomponents-client-5.4.x/index.html
https://security.netapp.com/advisory/ntap-20250516-0003/
https://github.com/apache/httpcomponents-client/pull/574
https://github.com/apache/httpcomponents-client/pull/621
https://lists.apache.org/thread/55xhs40ncqv97qvoocok44995xp5kqn8

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CVE-2025-27820

Severity

Description

References

Affected packages

The trusted source for open source

Product

Solutions

Customers

Resources

Company