You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Andrei Tuicu (Jira)" <ji...@apache.org> on 2022/02/08 16:46:00 UTC
[jira] [Created] (SLING-11131) SLING-11124 - Update Apache HTTP Client Dependency for CVE-2020-13956
Andrei Tuicu created SLING-11131:
------------------------------------
Summary: SLING-11124 - Update Apache HTTP Client Dependency for CVE-2020-13956
Key: SLING-11131
URL: https://issues.apache.org/jira/browse/SLING-11131
Project: Sling
Issue Type: Task
Components: Apache Sling Testing Clients
Affects Versions: Apache Sling Testing Clients 3.0.10
Reporter: Andrei Tuicu
org.apache.httpcomponents.httpclient 4.4.1 is vulnerable to CVE-2020-13956(MEDIUM)[0].
We need to update to the latest version of the Apache HTP Client 4.5.13.
[0] https://www.cvedetails.com/cve/CVE-2020-13956/
--
This message was sent by Atlassian Jira
(v8.20.1#820001)