Lucene search
+L

365 matches found

redhat
redhat
added 2023/11/20 7:53 a.m.6 views

golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RSTSTREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...

7.5CVSS6.7AI score0.99999EPSS
Exploits19References9
debian
debian
added 2023/11/18 4:33 p.m.74 views

[SECURITY] [DSA 5558-1] netty security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5558-1 [email protected] https://www.debian.org/security/ Markus Koschany November 18, 2023 https://www.debian.org/security/faq -...

7.5CVSS7.9AI score0.99999EPSS
Exploits20
redhat
redhat
added 2023/11/16 8:14 p.m.46 views

Important: Red Hat Security Advisory: Red Hat OpenShift Enterprise security update

An update is now available for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

7.5CVSS7AI score0.03796EPSS
Exploits0References3
redhat
redhat
added 2023/11/16 3:57 p.m.49 views

Important: Red Hat Security Advisory: Updated Red Hat Process Automation Manager 7.13.4 SP2 Images

An update is now available for Red Hat Process Automation Manager including images for Red Hat OpenShift Container Platform. Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business...

7.5CVSS7.1AI score0.99999EPSS
Exploits19References3
redhat
redhat
added 2023/11/16 2:46 p.m.62 views

Important: Red Hat Security Advisory: rh-varnish6-varnish security update

An update for rh-varnish6-varnish is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS7.1AI score0.99999EPSS
Exploits19References3
redhat
redhat
added 2023/11/16 2:46 p.m.6 views

HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RSTSTREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...

7.5CVSS6.7AI score0.99999EPSS
Exploits19References10
redhat
redhat
added 2023/11/16 5:58 a.m.5 views

golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RSTSTREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...

7.5CVSS6.7AI score0.99999EPSS
Exploits19References9
redhat
redhat
added 2023/11/16 5:58 a.m.60 views

Important: Red Hat Security Advisory: Red Hat Product OCP Tools 4.14 Openshift Jenkins security update

An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.14. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7.1AI score0.99999EPSS
Exploits62References10
redhat
redhat
added 2023/11/16 5:58 a.m.7 views

HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RSTSTREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...

7.5CVSS6.7AI score0.99999EPSS
Exploits19References10
redhat
redhat
added 2023/11/16 5:56 a.m.6 views

golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RSTSTREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...

7.5CVSS6.7AI score0.99999EPSS
Exploits19References9
redhat
redhat
added 2023/11/16 5:56 a.m.66 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.2 security update

Red Hat build of MicroShift release 4.14.2 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...

7.5CVSS7.1AI score0.99999EPSS
Exploits19References7
redhat
redhat
added 2023/11/15 5:7 p.m.100 views

Critical: Red Hat Security Advisory: Red Hat Fuse 7.12.1 release and security update

A minor version update from 7.12 to 7.12.1 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scori...

10CVSS7.6AI score0.99999EPSS
Exploits57References16
redhat
redhat
added 2023/11/15 5:7 p.m.4 views

HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RSTSTREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...

7.5CVSS6.7AI score0.99999EPSS
Exploits19References10
redhat
redhat
added 2023/11/15 7:24 a.m.7 views

HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RSTSTREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...

7.5CVSS6.7AI score0.99999EPSS
Exploits19References10
redhat
redhat
added 2023/11/15 7:24 a.m.8 views

golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RSTSTREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...

7.5CVSS6.7AI score0.99999EPSS
Exploits19References9
redhat
redhat
added 2023/11/15 3:12 a.m.66 views

Important: Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.12.1

cert-manager Operator for Red Hat OpenShift 1.12.1 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

7.5CVSS7AI score0.99999EPSS
Exploits19References6
redhat
redhat
added 2023/11/15 12:16 a.m.59 views

Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.2.12

Red Hat OpenShift Service Mesh 2.2.12 Containers Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

7.5CVSS7AI score0.99999EPSS
Exploits19References4
redhat
redhat
added 2023/11/14 5:0 p.m.77 views

Important: Red Hat Security Advisory: nodejs:20 security update

An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7.1AI score0.99999EPSS
Exploits19References8
redhat
redhat
added 2023/11/14 5:0 p.m.12 views

HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RSTSTREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...

7.5CVSS6.7AI score0.99999EPSS
Exploits19References10
osv
osv
added 2023/11/14 12:0 a.m.51 views

ALSA-2023:7205 Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 nodejs: permission model improperly...

9.8CVSS8.5AI score0.99999EPSS
Exploits19References14
Rows per page
Query Builder