You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sling.apache.org by "Andrei Tuicu (Jira)" <ji...@apache.org> on 2022/02/08 16:46:00 UTC

[jira] [Created] (SLING-11131) SLING-11124 - Update Apache HTTP Client Dependency for CVE-2020-13956

Andrei Tuicu created SLING-11131:
------------------------------------

             Summary: SLING-11124 - Update Apache HTTP Client Dependency for CVE-2020-13956
                 Key: SLING-11131
                 URL: https://issues.apache.org/jira/browse/SLING-11131
             Project: Sling
          Issue Type: Task
          Components: Apache Sling Testing Clients
    Affects Versions: Apache Sling Testing Clients 3.0.10
            Reporter: Andrei Tuicu


org.apache.httpcomponents.httpclient 4.4.1 is vulnerable to CVE-2020-13956(MEDIUM)[0].

We need to update to the latest version of the Apache HTP Client 4.5.13. 

[0] https://www.cvedetails.com/cve/CVE-2020-13956/



--
This message was sent by Atlassian Jira
(v8.20.1#820001)