149 matches found
MiracleLinux 9 : mod_http2-1.15.19-5.el9_3.1 (AXSA:2024-7695:01)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7695:01 advisory. httpd: CONTINUATION frames DoS CVE-2024-27316 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note th...
MiracleLinux 9 : mod_http2-2.0.26-2.el9 (AXSA:2024-8097:03)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8097:03 advisory. modhttp2: httpd: CONTINUATION frames DoS CVE-2024-27316 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.3.15 (RHSA-2025:16667)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:16667 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release ...
TencentOS Server 3: httpd:2.4/mod_http2 (TSSA-2024:0126)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0126 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
CVE-2024-27316 affecting package mod_http2 for versions less than 2.0.29-3
CVE-2024-27316 affecting package modhttp2 for versions less than 2.0.29-3. An upgraded version of the package is available that resolves this issue...
Alibaba Cloud Linux 3 : 0084: httpd:2.4 (ALINUX3-SA-2024:0084)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0084 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-27316: HTTP/2 incoming headers exceeding t...
Linux Distros Unpatched Vulnerability : CVE-2024-27316
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop...
openSUSE Security Advisory (SUSE-SU-2024:1868-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Azure Linux 3.0 Security Update: httpd / mod_http2 (CVE-2024-27316)
The version of httpd / modhttp2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27316 advisory. - HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to genera...
Security Bulletin: Vulnerability in httpd (CVE-2024-27316) affects Power HMC
Summary HTTPD is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2024-27316 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service, caused by the failure to check or limit the use of HTTP/2 CONTINUATION frames that...
Security Bulletin: TSSC/IMC is vulnerable to a denial of service on Apache HTTP Server
Summary TSSC/IM is vulnerable to a denial of service on Apache HTTP Server. The latest code level has an upgrade to the relevant libaries to fix CVE-2024-27316. Vulnerability Details CVEID:CVE-2024-27316 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service, caused by the failure t...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-2668)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CLSA-2024-1728932179 httpd: Fix of CVE-2024-27316
CVE-2024-27316: Limit buffering of HTTP/2 incoming headers to prevent memory exhaustion...
CLSA-2024-1728479129 Fix CVE(s): CVE-2023-38709, CVE-2024-24795, CVE-2024-27316
SECURITY UPDATE: Memory exhaustion due to excessive HTTP/2 incoming headers buffering - debian/patches/CVE-2024-27316.patch: Fix to bail after too many failed reads, increment count on request headers failed to add - CVE-2024-27316 SECURITY UPDATE: Faulty input validation in the core of Apache...
EulerOS 2.0 SP8 : mod_http2 (EulerOS-SA-2024-2480)
According to the versions of the modhttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a clien...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-2473)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for mod_http2 (EulerOS-SA-2024-2480)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2024-2349)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for mod_http2 (EulerOS-SA-2024-2311)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.12.0 : mod_http2 (EulerOS-SA-2024-2331)
According to the versions of the modhttp2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413...