Uploaded image for project: 'Hue (READ ONLY)'
  1. Hue (READ ONLY)
  2. HUE-4454

[security] Disclosure of Web Server Information

          Details

          • Type: Bug
          • Status: Resolved
          • Priority: Major
          • Resolution: Fixed
          • Affects Version/s: 3.10.0
          • Fix Version/s: 3.11.0
          • Component/s: core.api
          • Labels:
            None

            Description

            Web server information is disclosed in the HTTP request header. Known security vulnerabilities are often tied to specific versions of application software and knowledge of the specific version number can enable an adversary to design more focused attacks against the application.

              Attachments

                Issue Links

                blocks

                Improvement - An improvement or enhancement to an existing feature or task. HUE-3029 [desktop] Filter out CherryPy server header

                • Minor - Minor loss of function, or other problem where easy workaround is present.
                • Resolved

                  Activity

                    People

                    • Assignee:
                      ranade Prakash
                      Reporter:
                      ranade Prakash
                    • Votes:
                      0 Vote for this issue
                      Watchers:
                      1 Start watching this issue

                      Dates

                      • Created:
                        Updated:
                        Resolved: