Uploaded image for project: 'Solr'
  1. Solr
  2. SOLR-15270

upgrade httpclient to address CVE-2020-13956

    XMLWordPrintableJSON

Details

    • Task
    • Status: Resolved
    • Major
    • Resolution: Duplicate
    • 8.8.1
    • None
    • security

    Description

      According to CVE-2020-13956 https://nvd.nist.gov/vuln/detail/CVE-2020-13956

      Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can
misinterpret malformed authority component in request URIs passed to
the library as java.net.URI object and pick the wrong target host for
request execution.

      Attachments

        Issue Links

          Blocked

          Task - A task that needs to be done. SOLR-15269 upgrade httpclient to address CVE-2020-13956

          • Major - Major loss of function.
          • Closed

          Activity

            People

              Unassigned Unassigned
              xiaobai Xiaobin Dai
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: