Advisories ยป MGASA-2020-0428

Updated python-twisted packages fix security vulnerabilities

Publication date: 21 Nov 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-10108 , CVE-2020-10109

Description

Jake Miller and ZeddYu Lu discovered that Twisted incorrectly handled certain
content-length headers. A remote attacker could possibly use this issue to
perform HTTP request splitting attacks (CVE-2020-10108, CVE-2020-10109).
                

References

SRPMS

7/core