1291 matches found

curl security advisories
added 2018/01/24 8:0 a.m., 4 views

HTTP/2 trailer out-of-bounds read

libcurl contains an out-of-bounds read in code handling HTTP/2 trailers. It was reported that reading an HTTP/2 trailer could mess up future trailers since the stored size was one byte less than required. The problem is that the code that creates HTTP/1-like headers from the HTTP/2 trailer data once...

CVSS 9.1 | AI score 8.2 | EPSS 0.00365
Exploits: 0 | Affected Software: 2

OSV
added 2018/01/24 12:0 a.m., 0 views

UBUNTU-CVE-2018-1000005

libcurl 7.49.0 to and including 7.57.0 contains an out-of-bounds read in code handling HTTP/2 trailers. It was reported (https://github.com/curl/curl/pull/2231) that reading an HTTP/2 trailer could mess up future trailers since the stored size was one byte less than required. The problem is that the...

CVSS 9.1 | AI score 7.3 | EPSS 0.00365
Exploits: 0 | References: 5

OSV
added 2017/12/21 5:29 p.m., 2 views

CVE-2017-6151

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator and WebSafe software version 13.0.0, undisclosed requests made to BIG-IP virtual servers which make use of the "HTTP/2 profile" may result in a disruption of service to TMM...

CVSS 7.5 | AI score 5.8 | EPSS 0.00492
Exploits: 0 | References: 2

OSV
added 2017/12/11 9:29 p.m., 2 views

ALPINE-CVE-2017-15896

Node.js was affected by OpenSSL vulnerability CVE-2017-3737 in regards to the use of SSL_read() due to TLS handshake failure. The result was that an active network attacker could send application data to Node.js using the TLS or HTTP2 modules in a way that bypassed TLS authentication and encryption...

CVSS 9.1 | AI score 9 | EPSS 0.0008
Exploits: 1 | References: 1

OSV
added 2017/10/30 2:29 p.m., 3 views

DEBIAN-CVE-2015-3249

The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.1 allows remote attackers to cause a denial of service (out-of-bounds access and daemon crash) or possibly execute arbitrary code via vectors related to the (1) frame_handlers array or (2) set_dynamic_table_size function...

CVSS 9.8 | AI score 9.2 | EPSS 0.04233
Exploits: 0 | References: 1

OSV
added 2017/10/30 2:29 p.m., 0 views

UBUNTU-CVE-2015-3249

The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.1 allows remote attackers to cause a denial of service (out-of-bounds access and daemon crash) or possibly execute arbitrary code via vectors related to the (1) frame_handlers array or (2) set_dynamic_table_size function...

CVSS 9.8 | AI score 7.6 | EPSS 0.04233
Exploits: 0 | References: 4

BDU FSTEC
added 2017/10/11 12:0 a.m., 4 views

The vulnerability of the HTTP/2 module of the Apache Traffic Server allows attackers to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the HTTP/2 module in the Apache Traffic Server exists due to improper handling of HTTP/2 requests. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of data...

CVSS 10 | AI score 7.8 | EPSS 0.01885
Exploits: 0 | References: 2 | Affected Software: 1

BDU FSTEC
added 2017/10/11 12:0 a.m., 4 views

The vulnerability of the HTTP/2 module of the Apache Traffic Server allows attackers to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the HTTP/2 module in the Apache Traffic Server exists due to improper handling of HTTP/2 requests. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of data...

CVSS 10 | AI score 7.8 | EPSS 0.01903
Exploits: 0 | References: 2 | Affected Software: 1

OSV
added 2017/09/13 4:29 p.m., 1 views

DEBIAN-CVE-2015-5206

Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server before 5.3.x before 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5168...

CVSS 9.8 | AI score 9.4 | EPSS 0.01903
Exploits: 0 | References: 1

BDU FSTEC
added 2017/09/13 12:0 a.m., 3 views

The vulnerability of the Apache Tomcat application server’s HTTP/2 implementation allows attackers to bypass security checks.

The vulnerability of the Apache Tomcat application server that implements HTTP/2 exists due to an incorrect path limitation for the directory with restricted access. Exploiting this vulnerability allows a malicious actor to bypass security checks by using a specially crafted URL link...

CVSS 5 | AI score 7.2 | EPSS 0.03529
Exploits: 0 | References: 3 | Affected Software: 1

Broadcom
added 2017/08/25 12:0 a.m., 5 views

BSA-2017-363

Security Advisory ID: BSA-2017-363; Component: Apache; Revision: 1.0: Interim. A maliciously constructed HTTP/2 request could cause mod_http2 to dereference a NULL pointer and crash the server process. Affected Products: Brocade is investigating its product lines to determine which products may be...

CVSS 7.5 | AI score 6.9 | EPSS 0.38383
Exploits: 0

CNVD
added 2017/08/11 12:0 a.m., 2 views

Apache Tomcat Directory Traversal Vulnerability (CNVD-2017-28315)

Apache Tomcat is a popular open source JSP application server program. Apache Tomcat suffers from a security restriction bypass vulnerability in the HTTP/2 implementation, which allows remote attackers to submit specially crafted requests to bypass security restrictions and conduct unauthorized...

CVSS 7.5 | AI score 7.5 | EPSS 0.03529
Exploits: 0 | References: 1

OSV
added 2017/07/13 4:29 p.m., 2 views

ALPINE-CVE-2017-9789

When under stress, closing many connections, the HTTP/2 handling code in Apache httpd 2.4.26 would sometimes access memory after it has been freed, resulting in potentially erratic behaviour...

CVSS 7.5 | AI score 7.2 | EPSS 0.10122
Exploits: 0 | References: 1

Broadcom
added 2017/05/17 12:0 a.m., 6 views

BSA-2017-305

Security Advisory ID: BSA-2017-305; Component: Apache Tomcat; Revision: 1.0: Interim. The handling of an HTTP/2 GOAWAY frame for a connection did not close streams associated with that connection that were currently waiting for a WINDOW_UPDATE before allowing the application to write more data...

CVSS 7.5 | AI score 8.6 | EPSS 0.12669
Exploits: 0

RedHat Linux
added 2017/04/20 8:21 a.m., 3 views

Mozilla: Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data (MFSA 2017-11, MFSA 2017-12)

An out-of-bounds read when an HTTP/2 connection to a server sends "DATA" frames with incorrect data content. This leads to a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...

CVSS 9.8 | AI score 7.3 | EPSS 0.00584
Exploits: 1 | References: 5

OSV
added 2017/01/10 3:59 p.m., 3 views

DEBIAN-CVE-2016-6581

An HTTP/2 implementation built using any version of the Python HPACK library between v1.0.0 and v2.2.0 could be targeted for a denial of service attack, specifically a so-called "HPACK Bomb" attack. This attack occurs when an attacker inserts a header field that is exactly the size of the HPACK...

CVSS 7.5 | AI score 7.5 | EPSS 0.00373
Exploits: 0 | References: 1

Broadcom
added 2017/01/03 12:0 a.m., 6 views

BSA-2017-105

Security Advisory ID: BSA-2017-105; Component: Apache HTTPD; Revision: 2.0: Final. The Apache HTTP Server 2.4.18 through 2.4.20, when mod_http2 and mod_ssl are enabled, does not properly recognize the "SSLVerifyClient require" directive for HTTP/2 request authorization, which allows remote attacker...

CVSS 7.5 | AI score 7.6 | EPSS 0.27575
Exploits: 0

OSV
added 2016/12/05 7:59 p.m., 5 views

DEBIAN-CVE-2016-8740

The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length, which allows remote attackers to cause a denial of service (memory consumption) via crafted CONTINUATION frames in an HTTP/2 request...

CVSS 7.5 | AI score 7.5 | EPSS 0.67721
Exploits: 4 | References: 1

Positive Technologies
added 2016/12/04 12:0 a.m., 4 views

PT-2016-7559

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.4.17 through 2.4.23. Description: The issue is related to the mod_http2 module in the Apache HTTP Server, which does not restrict request-header length when the Protocols configuration includes h2 or h2c. This allow...

CVSS 7.5 | AI score 7.3 | EPSS 0.67721
Exploits: 4 | References: 68

CNVD
added 2016/11/23 12:0 a.m., 2 views

Apache Tomcat Denial of Service Vulnerability (CNVD-2016-11592)

Apache Tomcat is a popular open source JSP application server program. A denial of service vulnerability exists in Apache Tomcat, which can be exploited by an attacker to cause the HTTP/2 header parser to enter an infinite loop, resulting in a denial of service...

CVSS 7.5 | AI score 7.5 | EPSS 0.00759
Exploits: 1 | References: 1