Updated undertow packages fix security vulnerability
Publication date: 22 Jan 2021Modification date: 22 Jan 2021
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-10719
Description
A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling (CVE-2020-10719).
References
SRPMS
7/core
- undertow-1.4.0-2.1.mga7