Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

CVE-2020-13956: Update commons-httpclient to 4.5.13

Description

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.

Acceptance / Success Criteria

None

Lucidchart Diagrams

Activity

Show:

Benjamin Reed June 8, 2021 at 5:49 PM

Merged to foundation-2018

Fixed

Details

Assignee

Reporter

Fix versions

Affects versions

Priority

PagerDuty

Created June 8, 2021 at 3:01 PM
Updated July 13, 2021 at 2:39 PM
Resolved June 8, 2021 at 5:49 PM