MGASA-2014-0347

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2012-6153

Published: 25 Aug 2014, 08:44

Last modified:16 Apr 2026, 06:22

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

25 Aug 2014, 08:44

Published

Vulnerability first disclosed

16 Apr 2026, 06:22

Last Modified

Vulnerability information updated

Description

Updated jakarta-commons-httpclient and httpcomponents-client packages fix security vulnerability Updated jakarta-commons-httpclient and httpcomponents-client packages fix security vulnerability: The Jakarta Commons HttpClient and Apache httpcomponents HttpClient components may be susceptible to a 'Man in the Middle Attack' due to a flaw in the default hostname verification during SSL/TLS when a specially crafted server side certificate is used (CVE-2012-6153).

Affected Systems

mageia•httpcomponents-client
< 4.2.5-1.mga3
mageia•jakarta-commons-httpclient
< 3.1-10.1.mga3

MGASA-2014-0347

Vulnerability Summary

Timeline

Description

Affected Systems

References (4)