Description
According to CVE-2020-13956 https://nvd.nist.gov/vuln/detail/CVE-2020-13956
Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can
misinterpret malformed authority component in request URIs passed to
the library as java.net.URI object and pick the wrong target host for
request execution.
Attachments
Issue Links
- Blocked
-
SOLR-15269 upgrade httpclient to address CVE-2020-13956
- Closed