Lucene search
GoogleOSV:ALSA-2023:5928HistoryOct 19, 2023 - 12:00 a.m.
Important: tomcat security update
2023-10-1900:00:00
Google
osv.dev
8
apache tomcat
servlet container
java servlet
javaserver pages
ddos attack
rapid reset attack
cvss score
security update
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
Security Fix(es):
- HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Related
nessus
nessus
RHEL 7 : rh-nodejs14 (RHSA-2023:5840)
2023-10-18 00:00:00
Oracle Linux 8 : dotnet7.0 (ELSA-2023-5709)
2023-10-19 00:00:00
AlmaLinux 9 : nodejs (ALSA-2023:5765)
2023-10-17 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-44487 affecting package moby-containerd-cc for versions less than 1.7.1-5
2024-02-09 19:07:07
CVE-2023-44487 affecting package vitess for versions less than 16.0.2-5
2024-02-09 19:07:07
CVE-2023-44487 affecting package nodejs18 for versions less than 18.18.2-1
2023-11-08 02:07:28
openvas
openvas
openSUSE: Security Advisory for netty, netty (SUSE-SU-2023:4163-1)
2024-03-04 00:00:00
nghttp2 < 1.57.0 HTTP/2 Protocol DoS Vulnerability
2023-10-12 00:00:00
openSUSE: Security Advisory for nodejs10 (SUSE-SU-2023:4295-1)
2024-03-04 00:00:00
redhat
redhat
(RHSA-2023:5924) Important: varnish security update
2023-10-19 12:19:57
(RHSA-2023:5973) Important: Red Hat AMQ Streams 2.5.1 release and security update
2023-10-20 16:12:59
(RHSA-2023:7334) Important: rh-varnish6-varnish security update
2023-11-16 14:38:00
osv
osv
BIT-contour-2023-44487
2024-03-06 10:50:58
dotnet8 vulnerability
2023-10-19 15:57:27
BIT-envoy-2023-44487
2024-03-06 10:52:27
rocky
rocky
varnish security update
2023-10-24 18:36:42
varnish security update
2023-10-24 18:35:47
nodejs security update
2023-10-24 18:36:46
amazon
amazon
Important: nghttp2
2023-10-16 13:45:00
almalinux
almalinux
Important: nghttp2 security update
2023-10-18 00:00:00
Important: dotnet6.0 security update
2023-10-16 00:00:00
Important: varnish security update
2023-10-23 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: proxygen-2023.10.16.00-1.fc39
2023-11-03 19:01:54
[SECURITY] Fedora 38 Update: wangle-2023.10.16.00-1.fc38
2023-10-24 01:23:49
[SECURITY] Fedora 38 Update: fbthrift-2023.10.16.00-1.fc38
2023-10-24 01:23:49
redos
redos
ROS-20231107-01
2023-11-07 00:00:00
veracode
veracode
Denial Of Service (DoS)
2023-10-12 14:37:40
oraclelinux
oraclelinux
.NET 7.0 security update
2023-10-18 00:00:00
nginx:1.22 security update
2023-10-17 00:00:00
dotnet7.0 security update
2023-10-19 00:00:00
atlassian
atlassian
github
github
HTTP/2 Stream Cancellation Attack
2023-10-10 21:28:24
ibm
ibm
githubexploit
githubexploit
Exploit for Uncontrolled Resource Consumption in Ietf Http
2023-12-11 23:12:03
slackware
slackware
[slackware-security] nghttp2
2023-10-11 06:45:34
ubuntu
ubuntu
.NET vulnerability
2023-10-19 00:00:00
thn
thn
talosblog
talosblog
What to know about the HTTP/2 Rapid Reset DDoS attacks
2023-10-11 23:06:40
hivepro
hivepro
HTTP/2 Zero-Day Exploited for the Most Explosive DDoS Attacks
2023-10-14 08:35:35
mscve
mscve
MITRE: CVE-2023-44487 HTTP/2 Rapid Reset Attack
2023-10-10 07:00:00
cvelist
cvelist
CVE-2023-44487
2023-10-10 00:00:00
cloudlinux
cloudlinux
nginx: Fix of CVE-2023-44487
2023-10-23 22:50:51