Lucene search
+L

4 matches found

OSV
OSV
added 2024/04/04 9:15 p.m.8 views

AZL-42864 CVE-2023-45288 affecting package multus for versions less than 4.0.2-3

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

7.5CVSS6.8AI score0.91969EPSS
Exploits1References1
OSV
OSV
added 2024/04/04 9:15 p.m.10 views

DEBIAN-CVE-2023-45288

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

7.5CVSS6.9AI score0.91969EPSS
Exploits1References1
OSV
OSV
added 2024/04/04 9:15 p.m.8 views

AZL-38761 CVE-2023-45288 affecting package prometheus-adapter for versions less than 0.12.0-1

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

7.5CVSS6.8AI score0.91969EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/07/12 2:30 p.m.4 views

CVE-2021-40336

A vulnerability exists in the http web interface where the web interface does not validate data in an HTTP header. This causes a possible HTTP response splitting, which if exploited could lead an attacker to channel down harmful code into the user’s web browser, such as to steal the session...

8.8CVSS5.8AI score0.00417EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder