Joe Gallo

**Name of the Vulnerable Software and Affected Versions** Apache HttpClient versions 5.4.0 through 5.4.2 **Description** A bug in PSL validation logic disables domain checks, affecting cookie management and host name verification. This issue was discovered by the Apache HttpClient team. **Recommendations** For Apache HttpClient versions 5.4.0 through 5.4.2, update to version 5.4.3 to resolve the issue. As a temporary workaround, consider restricting cookie management and host name verification until the update is applied.