You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The current version used by Apache HTTP client5 contains a severe vulnerability. See https://nvd.nist.gov/vuln/detail/CVE-2025-27820. As the current release of java-client includes this version it should be upgrade to at least 5.4.3.
Can this be done so the vulnerability is fixed. This also helps with our internal CLM software as this will flag our software which includes java-client as vulnerable and blocks our releases. And as the java-client comes with an internal version of Apache HTTP client5 we can overwrite this version ourself.
A colleague of mine already created a pull request: #556
The text was updated successfully, but these errors were encountered:
The current version used by Apache HTTP client5 contains a severe vulnerability. See https://nvd.nist.gov/vuln/detail/CVE-2025-27820. As the current release of java-client includes this version it should be upgrade to at least 5.4.3.
Can this be done so the vulnerability is fixed. This also helps with our internal CLM software as this will flag our software which includes java-client as vulnerable and blocks our releases. And as the java-client comes with an internal version of Apache HTTP client5 we can overwrite this version ourself.
A colleague of mine already created a pull request: #556
The text was updated successfully, but these errors were encountered: