[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-DEBIAN-CVE-2014-3577":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":16,"duplicates":19,"related":20,"reserved_at":9,"published_at":21,"modified_at":22,"state":9,"summary":23,"references_raw":25,"kevs":32,"epss":9,"epss_history":33,"metrics":34,"affected":35},"DEBIAN-CVE-2014-3577","org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a \"CN=\" string in a field in the distinguished name (DN) of a certificate, as demonstrated by the \"foo,CN=www.apache.org\" string in the O field.",null,[],[],[],[14],{"_key":15},"CVE-2014-3577",[17],{"_key":18},"DLA-222-1",[],[],"2014-08-21T14:55:05.100Z","2026-04-28T20:13:18.378701Z",{"cisa_kev":24,"cisa_ransomware":24,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[26],{"url":27,"sources":28,"tags":30},"https://security-tracker.debian.org/tracker/CVE-2014-3577",[29],"osv_debian",[31],"Advisory",[],[],[],[36,51],{"ecosystem":37,"name":38,"vendor":39,"product":38,"cpe_part":9,"purl_type":40,"purl_namespace":39,"purl_name":38,"source":9,"versions":41},"Debian","commons-httpclient","debian","deb",[42,48,49,50],{"version":43,"is_range":44,"range_type":45,"version_start":9,"version_start_type":9,"version_end":46,"version_end_type":47,"fixed_in":9},"lt3_1_11",true,"ecosystem","3.1-11","excluding",{"version":43,"is_range":44,"range_type":45,"version_start":9,"version_start_type":9,"version_end":46,"version_end_type":47,"fixed_in":9},{"version":43,"is_range":44,"range_type":45,"version_start":9,"version_start_type":9,"version_end":46,"version_end_type":47,"fixed_in":9},{"version":43,"is_range":44,"range_type":45,"version_start":9,"version_start_type":9,"version_end":46,"version_end_type":47,"fixed_in":9},{"ecosystem":37,"name":52,"vendor":39,"product":52,"cpe_part":9,"purl_type":40,"purl_namespace":39,"purl_name":52,"source":9,"versions":53},"httpcomponents-client",[54,57,58,59],{"version":55,"is_range":44,"range_type":45,"version_start":9,"version_start_type":9,"version_end":56,"version_end_type":47,"fixed_in":9},"lt4_3_5_1","4.3.5-1",{"version":55,"is_range":44,"range_type":45,"version_start":9,"version_start_type":9,"version_end":56,"version_end_type":47,"fixed_in":9},{"version":55,"is_range":44,"range_type":45,"version_start":9,"version_start_type":9,"version_end":56,"version_end_type":47,"fixed_in":9},{"version":55,"is_range":44,"range_type":45,"version_start":9,"version_start_type":9,"version_end":56,"version_end_type":47,"fixed_in":9}]