Maven package
org.apache.calcite/calcite-druid
pkg:maven/org.apache.calcite/calcite-druid
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-13955 | — | < 1.26.0 | 1.26.0 | Oct 9, 2020 | HttpUtils#getURLConnection method disables explicitly hostname verification for HTTPS connections making clients vulnerable to man-in-the-middle attacks. Calcite uses internally this method to connect with Druid and Splunk so information leakage may happen when using the respecti |
- CVE-2020-13955Oct 9, 2020affected < 1.26.0fixed 1.26.0
HttpUtils#getURLConnection method disables explicitly hostname verification for HTTPS connections making clients vulnerable to man-in-the-middle attacks. Calcite uses internally this method to connect with Druid and Splunk so information leakage may happen when using the respecti