Chapter 5. Security Fixes

This update includes fixes for the following security related issues:

IDImpactSummary

CVE-2020-1935

Low

tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling

CVE-2020-13935

Important

tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS