Please can upgrade the httpclient used in google-http-client ?
the vulnerability is :
CVE-2020-13956
Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.
Environment details
- google-http-java-client version: 1.38.1 and 1.39.2
Thank you
Please can upgrade the httpclient used in google-http-client ?
the vulnerability is :
CVE-2020-13956
Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.
Environment details
Thank you