anjackson
commented
6 years ago I had a quick look, and of course this hits the critical 'HTTP Recorder' classes which are used to record HTTP transactions in Heritrix3. Quite a large chunk of work involved there too.
A vulnerability has been detected in commons-httpclient-3.1. Also, commons-httpclient is no longer being developed. https://access.redhat.com/security/cve/CVE-2012-5783
This issue was initially brought up at https://github.com/archivesunleashed/aut/issues/5#issuecomment-324126444.