Vulnerabilities > Apache > Calcite > 1.4.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-09 | CVE-2020-13955 | Missing Authentication for Critical Function vulnerability in Apache Calcite HttpUtils#getURLConnection method disables explicitly hostname verification for HTTPS connections making clients vulnerable to man-in-the-middle attacks. | 4.3 |