{"id":"MGASA-2020-0231","summary":"Updated nginx packages fix security vulnerability","details":"Nginx was updated due to the following vulnerabilities:\nngx_http_special_response.c: With a certain error_page configuration,\nHTTP request smuggling is possible. Thus, an attacker may be able to\nread unauthorized web pages at times when NGINX is being fronted by a\nload balancer. (CVE-2019-20372).\n","modified":"2026-04-16T00:12:29.584853724Z","published":"2020-05-27T09:52:46Z","upstream":["CVE-2019-20372"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2020-0231.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=26086"},{"type":"WEB","url":"https://usn.ubuntu.com/4235-1/"}],"affected":[{"package":{"name":"nginx","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/nginx?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.16.1-1.2.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0231.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}