[DRILL-7946] Bump HttpClient from 4.5.12 to 4.5.13 for CVE-2020-13956 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.19.0
Component/s: None
Labels:
None

Description

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.

Attachments

Activity

People

Assignee:: Cong Luo

Reporter:: Cong Luo

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 04/Jun/21 07:27

Updated:: 04/Jun/21 21:54

Resolved:: 04/Jun/21 21:20