admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-12 02:05:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

CVE-2020-1757 init

Browse Source
This commit is contained in:
mrehak@redhat.com 2020-04-20 09:45:16 +02:00
parent d517d9e9c4
commit 8156a20dd2
No known key found for this signature in database
GPG Key ID: 61C2AB3CDC29106F
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
2020/1xxx/CVE-2020-1757.json
View File

@ -18,7 +18,10 @@
"version": {
"version_data": [
{
"version_value": "None"
"version_value": "all undertow-2.x.x SP1 versions prior to undertow-2.0.30.SP1"
},
{
"version_value": "all undertow-1.x.x and undertow-2.x.x versions prior to undertow-2.1.0.Final"
}
]
}
@ -62,7 +65,7 @@
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in Undertow where the Servlet container causes servletPath to normalize incorrectly by truncating the path after semicolon which may lead to an application mapping resulting in the security bypass."
"value": "A flaw was found in all undertow-2.x.x SP1 versions prior to undertow-2.0.30.SP1, all undertow-1.x.x and undertow-2.x.x versions prior to undertow-2.1.0.Final, where the Servlet container causes servletPath to normalize incorrectly by truncating the path after semicolon which may lead to an application mapping resulting in the security bypass."
}
]
},