Lucene search

K
atlassianDblackCWD-4355
HistoryMay 12, 2015 - 7:34 a.m.

Update the version of commons-httpclient to address CVE-2012-5783 & CVE-2014-3577 and gain SNI support

2015-05-1207:34:43
dblack
jira.atlassian.com
20

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.002 Low

EPSS

Percentile

61.2%

Upgrade commons-httpclient to version {{3.1-atlassian-2}} to gain SNI support and to fix CVE-2012-5783 & CVE-2014-3577.

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.002 Low

EPSS

Percentile

61.2%