Hyperium Hyper before 0.14.19 does not allow for customization of the max_header_list_size method in the H2 third-party software allowing attackers to perform HTTP2 attacks.

🗓️ 27 Feb 2023 08:00:00Reported by MicrosoftType

Hyperium Hyper before 0.14.19 blocks max header list size customization in H2 software, enabling HTTP/2 attacks.

Reporter	Title	Published	Views	Family All 46
Tenable Nessus	Amazon Linux 2023 : aws-nitro-enclaves-cli, aws-nitro-enclaves-cli-devel, aws-nitro-enclaves-cli-integration-tests (ALAS2023-2023-129)	21 Mar 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : aws-nitro-enclaves-cli (ALASNITRO-ENCLAVES-2023-021)	22 Mar 202300:00	–	nessus
Tenable Nessus	CBL Mariner 2.0 Security Update: rpm-ostree (CVE-2022-31394)	3 Jul 202400:00	–	nessus
Tenable Nessus	SUSE SLES15 / openSUSE 15 Security Update : aws-nitro-enclaves-cli (SUSE-SU-2023:1844-1)	15 Apr 202300:00	–	nessus
Tenable Nessus	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : rustup (SUSE-SU-2023:2603-1)	23 Jun 202300:00	–	nessus
Tenable Nessus	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : sccache (SUSE-SU-2023:3526-1)	6 Sep 202300:00	–	nessus
Tenable Nessus	SUSE SLED15 / SLES15 Security Update : gstreamer-plugins-rs (SUSE-SU-2024:0090-1)	12 Jan 202400:00	–	nessus
Amazon	Important: aws-nitro-enclaves-cli	22 Mar 202300:00	–	amazon
Amazon	Important: aws-nitro-enclaves-cli	21 Mar 202300:00	–	amazon
CBLMariner	CVE-2022-31394 affecting package rpm-ostree for versions less than 2022.1-4	24 Mar 202323:57	–	cbl_mariner