44 matches found
SUSE: Security Advisory (SUSE-SU-2026:20995-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2026:20995-1 Security update for dnsdist
This update for dnsdist fixes the following issues: Update to dnsdist 1.9.11: - CVE-2025-8671: add mitigations for the HTTP/2 MadeYouReset attack bsc1253852. - CVE-2025-30187: denial of service via crafted DoH exchange bsc1250054...
OPENSUSE-SU-2026:20461-1 Security update for dnsdist
This update for dnsdist fixes the following issues: Update to dnsdist 1.9.11: - CVE-2025-8671: add mitigations for the HTTP/2 MadeYouReset attack bsc1253852. - CVE-2025-30187: denial of service via crafted DoH exchange bsc1250054...
netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability
A flaw was found in Netty where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts...
netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability
A flaw was found in Netty where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts...
SUSE-SU-2026:0888-1 Security update for dnsdist
This update for dnsdist fixes the following issues: Update to dnsdist 1.9.11: - CVE-2025-8671: Add mitigations for the HTTP/2 MadeYouReset attack bsc1253852. - CVE-2025-30187: denial of service via crafted DoH exchange bsc1250054...
Exploit for CVE-2025-8671
CVE-2025-8671-vulnerability-POC- CVE-2025-8671 vulnerability P...
netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability
A flaw was found in Netty where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts...
netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability
A flaw was found in Netty where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts...
undertow: Undertow MadeYouReset HTTP/2 DDoS Vulnerability
A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts...
Security Bulletin: There is a vulnerability in netty-codec-http2-4.1.115.Final.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2025-55163)
Summary There is a vulnerability in netty-codec-http2-4.1.115.Final.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2025-55163 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. Prior to versions...
EUVD-2025-24575
Malicious code in bioql PyPI...
EUVD-2025-28583
Malicious code in bioql PyPI...
EUVD-2025-29531
Malicious code in bioql PyPI...
netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability
A flaw was found in Netty where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts...
jetty: HTTP/2 (including DNS over HTTPS) contains a design flaw and is vulnerable to "MadeYouReset" DoS attack through HTTP/2 control frames
A flaw was found in Jetty where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts...
jetty: HTTP/2 (including DNS over HTTPS) contains a design flaw and is vulnerable to "MadeYouReset" DoS attack through HTTP/2 control frames
A flaw was found in Jetty where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts...
Debian dsa-6005 : jetty9 - security update
The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6005 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6005-1 [email protected] https://www.debian.org/security/...
Debian dsa-6006 : jetty12 - security update
The remote Debian 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6006 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6006-1 [email protected] https://www.debian.org/security/ Moritz...
CVE-2025-9784
A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts...