-
**Description of the issue**
Java code vulnerabilities that trust self-signed certificates for outbound HTTP requests are not detected by CodeQL. In other words, CWE-295 is not detected for self-si…
-
## CVE-2011-1498 - Low Severity Vulnerability
Vulnerable Library - httpclient-4.0.1.jar
HttpComponents Client (base module)
Library home page: http://www.apache.org/
Path to dependency file: /jetty-…
-
## Reproducer
```kotlin
import org.assertj.core.api.Assertions.assertThat
import org.http4k.client.OkHttp
import org.http4k.core.Method
import org.http4k.core.Request
import org.http4k.core.Resp…
-
### [READ] Step 1: Are you in the right place?
yes
### [REQUIRED] Step 2: Describe your environment
* Gradle version: `8.4`
* AGP version: `8.1.2`
* Firebase Component: Crashly…
-
## Steps to reproduce
- Setup Spring WebTestClient using apache httpcomponents as the underlying HTTP client library.
- Send a request with some cookies
- Read cookies from the response
## Exp…
-
This latest version of sendgrid does not support apache http client 5.
I saw another issue where you are trying to use JDK specific http libraries.
However, its been in stale since 2016 and last com…
-
low priority CVE: commons-codec:commons-codec @ 1.11 vulnerability reported by @kdefives
description:
### Summary
Apache commons-codec before 1.13 is vulnerable to information exposure. The Bas…
-
Hi, in **product-iots-3.3.1** (**\modules\scripts\mobile-qsg** module), duplicate classes with the same fully-qualified name _**org.apache.http.message.BasicHeaderValueParser**_ are included in two di…
-
Am trying to compile the app but keep getting this message :
Warning:Dependency org.apache.httpcomponents:httpclient:4.3.1 is ignored for prodDebug as it may be conflicting with the internal version …
-
As per the documentation https://docs.deps.dev/api/v3alpha/#getrequirements , this API should return
```
maven.dependencies[].version: string
The version requirement of the dependency.
```
W…