Mageia: Security Advisory (MGASA-2024-0099)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Curl 7.44.0 < 8.7.0 HTTP/2 Push Headers Memory-leak (CVE-2024-2398)

The version of Curl installed on the remote host is between 7.44.0 and prior to 8.7.0. It is, therefore, affected by a memory-leak vulnerability. When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed...

AZL-37069 CVE-2024-2398 affecting package cmake for versions less than 3.21.4-14

When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit 1000, libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead lea...

EulerOS Virtualization 2.9.1 : httpd (EulerOS-SA-2021-1602)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge...

EulerOS Virtualization for ARM 64 3.0.6.0 : httpd (EulerOS-SA-2020-2018)

According to the versions of the httpd packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Apache HTTP server 2.4.32 to 2.4.44 modproxyuwsgi info disclosure and possible RCECVE-2020-11984 - Apache HTTP Server...

Apache 2.4.x < 2.4.46 Multiple Vulnerabilities

The version of Apache httpd installed on the remote host is prior to 2.4.46. It is, therefore, affected by multiple vulnerabilities as referenced in the 2.4.46 advisory. - Apache HTTP server 2.4.32 to 2.4.44 modproxyuwsgi info disclosure and possible RCE CVE-2020-11984 - Apache HTTP Server versio...

HTTP/2 push is tougher than I thought

"HTTP/2 push will solve that" is something I've heard a lot when it comes to page load performance problems, but I didn't know much about it, so I decided to dig in. HTTP/2 push is more complicated and low-level than I initially thought, but what really caught me off-guard is how inconsistent it ...

HTTP/2 push is tougher than I thought

"HTTP/2 push will solve that" is something I've heard a lot when it comes to page load performance problems, but I didn't know much about it, so I decided to dig in. HTTP/2 push is more complicated and low-level than I initially thought, but what really caught me off-guard is how inconsistent it ...