CVE-2020-13956 log

Source
Severity Medium
Remote Yes
Type Insufficient validation
Description
Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.
Group Package Affected Fixed Severity Status Ticket
AVG-1863 maven 3.6.3-1 3.8.1-1 Medium Fixed
References
https://www.openwall.com/lists/oss-security/2020/10/08/4