{"id":"MGASA-2021-0052","summary":"Updated undertow packages fix security vulnerability","details":"A flaw was found in Undertow in versions before 2.1.1.Final, regarding the\nprocessing of invalid HTTP requests with large chunk sizes. This flaw allows an\nattacker to take advantage of HTTP request smuggling (CVE-2020-10719).\n","modified":"2026-04-16T04:43:40.941388586Z","published":"2021-01-22T23:50:14Z","upstream":["CVE-2020-10719"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2021-0052.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=28076"},{"type":"ADVISORY","url":"https://security-tracker.debian.org/tracker/CVE-2020-10719"}],"affected":[{"package":{"name":"undertow","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/undertow?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.4.0-2.1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0052.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}