VDB
GCVE-110-MAGEIA-2020-397
GCVE-110-MAGEIA-2020-397
Advisory Published
If an HTTP/2 client exceeded the agreed maximum number of concurrent streams
for a connection (in violation of the HTTP/2 protocol), it was possible that a
subsequent request made on that connection could contain HTTP headers -
including HTTP/2 pseudo headers - from a previous request rather than the
intended headers. This could lead to users seeing responses for unexpected
resources (CVE-2020-13943).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | tomcat | 0 (affected), 9.0.38-1.mga7 (unaffected) | — |
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.