Lucene search
Redhat.comRH:CVE-2024-37890HistoryJun 17, 2024 - 9:51 p.m.
CVE-2024-37890
2024-06-1721:51:19
redhat.com
access.redhat.com
6
cve-2024-37890
security information
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
13.1%
A flaw was found in the Node.js WebSocket library (ws). A request with several headers exceeding the ‘server.maxHeadersCount’ threshold could be used to crash a ws server, leading to a denial of service.
Related
debiancve
debiancve
CVE-2024-37890
2024-06-17 20:15:13
osv
osv
ws affected by a DoS when handling a request with many HTTP headers
2024-06-17 19:09:10
CGA-h8rj-78mh-45v7
2024-06-19 07:34:55
CGA-r6qh-9mxv-rrj2
2024-06-21 16:23:00
veracode
veracode
Denial Of Service (DoS)
2024-06-19 06:39:43
cve
cve
CVE-2024-37890
2024-06-17 20:15:13
cvelist
cvelist
nvd
nvd
CVE-2024-37890
2024-06-17 20:15:13
ubuntucve
ubuntucve
CVE-2024-37890
2024-06-17 00:00:00
vulnrichment
vulnrichment
github
github
ws affected by a DoS when handling a request with many HTTP headers
2024-06-17 19:09:10
wolfi
wolfi
CVE-2024-37890 vulnerabilities
2024-06-26 15:33:03
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
13.1%
Related for RH:CVE-2024-37890