VDB

GCVE-VVD-MAGEIA-2021-20

GCVE-VVD-MAGEIA-2021-20
Advisory Published
Vulnetix · Advisory published February 5, 2021
While investigating Apache issue 64830 it was discovered that Apache Tomcat could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. While this would most likely lead to an error and the closure of the HTTP/2 connection, it is possible that information could leak between requests (CVE-2020-17527). The tomcat package has been updated to version 9.0.39, and patched to fix this issue.
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageialinuxsampler0 (affected), 2.1.0-8.1.mga7 (unaffected)
Mageiatomcat0 (affected), 9.0.39-1.mga7 (unaffected), 0 (affected), 9.0.39-1.mga7 (unaffected)

References

Updated tomcat packages fix security vulnerability
advisory
Updated tomcat packages fix security vulnerability
issue
Updated tomcat packages fix security vulnerability
issue
Updated linuxsampler packages fix a library linking issue
advisory
Updated linuxsampler packages fix a library linking issue
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›