854 matches found
Important: Red Hat Security Advisory: Kiali 2.4.19 for Red Hat OpenShift Service Mesh 3.0
Kiali 2.4.19 for Red Hat OpenShift Service Mesh 3.0 is now available. An update is now available for Red Hat OpenShift Service Mesh 3.0. This advisory contains the RPM packages for the Kiali component. Red Hat Product Security has rated this update as having a security impact of Moderate. A Commo...
EUVD-2023-60596
Traefik before 2.10.5 and 3.0.0-beta4 is affected by a denial-of-service vulnerability in HTTP/2 request handling inherited from the Go standard library's HTTP/2 implementation CVE-2023-44487 / CVE-2023-39325, the 'Rapid Reset' technique. A remote attacker can rapidly create and cancel HTTP/2...
ROOT-OS-DEBIAN-12-CVE-2023-44487 CVE-2023-44487 in rootio-nginx - Patched by Root
Root has patched CVE-2023-44487 in the rootio-nginx package for Root:Debian:12. Multiple fixed versions available...
Linux Distros Unpatched Vulnerability : CVE-2026-44487
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Axios is a promise based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, Axios's Node.js HTTP adapter may forward a Proxy-Authorization...
0xpay-cc-sdk (>=0.0.8 <=0.1.0), 0xtrails (>=0.0.0-20251106131028 <=0.16.2) +7274 more potentially affected by CVE-2026-44487 via axios (>=1.0.0 <=1.15.2)
axios NPM version =1.0.0, =0.0.8, =0.0.0-20251106131028, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =1.0.0, =0.0.2-beta.0, =8.0.5, =6.1.0, =0.0.0-canary-847463221a9a1bee28641d8c0ecfaca98ee142f6, =0.0.1-alpha.3, =0.0.1-alpha.4 and more Source cves: CVE-2026-44487 Source advisory: SNYK:JS-AXIOS-17172930...
0xpay-cc-sdk (>=0.0.8 <=0.1.0), 0xtrails (>=0.0.0-20251106131028 <=0.16.2) +7274 more potentially affected by CVE-2026-44487 via axios (>=1.0.0 <=1.15.2)
axios NPM version =1.0.0, =0.0.8, =0.0.0-20251106131028, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =1.0.0, =0.0.2-beta.0, =8.0.5, =6.1.0, =0.0.0-canary-847463221a9a1bee28641d8c0ecfaca98ee142f6, =0.0.1-alpha.3, =0.0.1-alpha.4 and more Source cves: CVE-2026-44487 Source advisory: OSV:GHSA-P92Q-9VQR-4J8V...
Exploit for Uncontrolled Resource Consumption in Ietf Http
!/usr/bin/env python3 """ Evidencia CVE-2023-44487 HTTP/2 Rapi...
MiracleLinux 8 : nginx:1.20 (AXSA:2023-6513:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6513:01 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description...
MiracleLinux 8 : nginx:1.22 (AXSA:2023-6517:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6517:01 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description...
MiracleLinux 9 : nodejs-16.20.2-3.el9 (AXSA:2023-6507:05)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6507:05 advisory. nodejs: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 A Cybertrust Japan Co., Ltd. Security...
MiracleLinux 8 : go-toolset:rhel8 (AXSA:2023-6520:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6520:01 advisory. golang: net/http, x/net/http2: rapid stream resets can cause excessive work CVE-2023-44487 CVE-2023-39325 HTTP/2: Multiple HTTP/2 enabled web server...
MiracleLinux 9 : varnish-6.6.2-3.el9.1 (AXSA:2023-6534:03)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6534:03 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description...
MiracleLinux 8 : dotnet6.0-6.0.123-1.el8.ML.1 (AXSA:2023-6511:24)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6511:24 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description...
MiracleLinux 7 : httpd24-nghttp2-1.7.1-11.0.1.el7 (AXSA:2024-7351:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7351:01 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description...
MiracleLinux 9 : tomcat-9.0.62-11.el9.3 (AXSA:2023-6536:04)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6536:04 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description...
MiracleLinux 9 : grafana-9.0.9-4.el9.ML.1 (AXSA:2023-6532:09)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6532:09 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 golang: net/http, x/net/http2: rapid...
MiracleLinux 9 : nginx:1.22 (AXSA:2023-6553:02)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6553:02 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description...
MiracleLinux 9 : dotnet7.0-7.0.112-1.el9.ML.1 (AXSA:2023-6508:28)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6508:28 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description...
MiracleLinux 8 : nghttp2-1.33.0-5.el8 (AXSA:2023-6516:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6516:01 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description...
MiracleLinux 7 : rh-nginx120-nginx-1.20.1-1.0.2.el7.AXS7 (AXSA:2023-6580:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6580:01 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description...