Lucene search
HistoryOct 05, 2023 - 6:15 p.m.
CVE-2023-44386
vapor
http
denial of service
vulnerability
fixed
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS
0.001
Percentile
27.3%
Vapor is an HTTP web framework for Swift. There is a denial of service vulnerability impacting all users of affected versions of Vapor. The HTTP1 error handler closed connections when HTTP parse errors occur instead of passing them on. The issue is fixed as of Vapor release 4.84.2.
Affected configurations
Node
vaporvaporRange4.83.2–4.84.2
Related
github
github
Vapor's incorrect request error handling triggers server crash
2023-10-05 20:55:58
gitlab
gitlab
Vapor's incorrect request error handling triggers server crash
2023-10-05 00:00:00
osv
osv
CVE-2023-44386
2023-10-05 18:15:12
Vapor's incorrect request error handling triggers server crash
2023-10-05 20:55:58
cvelist
cvelist
vulnrichment
vulnrichment
prion
prion
Denial of service
2023-10-05 18:15:00
cve
cve
CVE-2023-44386
2023-10-05 18:15:12
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS
0.001
Percentile
27.3%
Related for NVD:CVE-2023-44386