gRPC Swift 输入验证错误漏洞

gRPC Swift is an open source Swift language implementation of gRPC , it contains a gRPC Swift API and code generator . Provides an API and generated code for gRPC clients and servers and can be built using Xcode or the Swift package manager. A security vulnerability in HTTP2ToRawGRPCServerCodec i...

gRPC Swift 安全漏洞

gRPC Swift is an open source Swift language implementation of gRPC , it contains a gRPC Swift API and code generator . The API and generated code are provided for gRPC clients and servers and can be built using Xcode or the Swift package manager. A security vulnerability exists in gRPC Swift 1.1....

Apache Traffic Server Input Validation Error Vulnerability

Apache Traffic Server or ATS or TS for short , is a high-performance , modular HTTP proxy and caching server . An improper input validation vulnerability exists in HTTP/2 in Apache Traffic Server versions 7.0.0 - 7.1.12, 8.0.0 - 8.1.1, 9.0.0 - 9.0.1. An attacker could exploit this vulnerability t...

DEBIAN-CVE-2021-32567

Improper Input Validation vulnerability in HTTP/2 of Apache Traffic Server allows an attacker to DOS the server. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1...

[SECURITY] Fedora 34 Update: mod_http2-1.15.19-1.fc34

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers...

[SECURITY] Fedora 33 Update: mod_http2-1.15.19-1.fc33

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers...

Fedora: Security Advisory for mod_http2 (FEDORA-2021-051639aad4)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for mod_http2 (FEDORA-2021-181f29c392)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

AZL-44166 CVE-2021-31618 affecting package mod_http2 for versions less than 2.0.29-3

Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating...

SUSE: Security Advisory (SUSE-SU-2021:0648-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2021:0673-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2021:0061-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2021:0651-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2021:0650-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2021:0649-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-29258

An issue was discovered in Envoy 1.14.0. There is a remotely exploitable crash for HTTP2 Metadata, because an empty METADATA map triggers a Reachable Assertion...

CVE-2021-29258

An issue was discovered in Envoy 1.14.0. There is a remotely exploitable crash for HTTP2 Metadata, because an empty METADATA map triggers a Reachable Assertion...

Authentication flaw

An issue was discovered in Envoy 1.14.0. There is a remotely exploitable crash for HTTP2 Metadata, because an empty METADATA map triggers a Reachable Assertion...

CVE-2021-29258

CVE-2021-29258 affects Envoy 1.14.0, causing a remote crash in HTTP2 Metadata triggered by an empty METADATA map → Reachable Assertion. CVSSv3.1 base score 7.5 (HIGH, NETWORK, no user interaction). The connected BIT-ENVOY entry confirms the issue; no exploitation details or fixed-version info are...

CVE-2021-29258

An issue was discovered in Envoy 1.14.0. There is a remotely exploitable crash for HTTP2 Metadata, because an empty METADATA map triggers a Reachable Assertion...