pkg:Maven/org.apache.httpcomponents.client5:httpclient5

2 total CVEsHIGH2

✅ Check your installed version

HIGH7.5CVE-2025-27820Apache HttpClient disables domain checks
>= 5.4-alpha1, < 5.4.3
HIGH7.3CVE-2026-40542Apache HttpClient accepts SCRAM-SHA-256 authentication without proper mutual authentication verification
>= 5.6-alpha1, < 5.6.1