关键漏洞信息 漏洞编号: Bug 1731984 (CVE-2019-10212) 漏洞描述: Undertow DEBUG log for io.undertow.request.security may leak credentials to log files if enabled. 状态: CLOSED ERRATA CVE编号: CVE-2019-10212 产品: Security Response 组件: vulnerability 操作系统: Linux 优先级: medium 严重性: medium 报告时间: 2019-07-22 13:30 UTC 修复版本: Undertow 2.0.27.Final 补丁和更新: - RHSA-2019:2935, RHSA-2019:2936, RHSA-2019:2937, RHSA-2019:2938, RHSA-2019:2998, RHSA-2020:0727 受影响产品: Red Hat JBoss Enterprise Application Platform 7.2, Red Hat Openshift Application Runtimes, Red Hat Data Grid 7.3.3 缓解措施: Use Elytron instead of legacy Security subsystem. 相关链接: - https://access.redhat.com/support/policy/updates/jboss_notes - https://access.redhat.com/security/cve/cve-2019-10212