81 matches found
HTTP/2: flood using SETTINGS frames results in unbounded memory growth
A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...
HTTP/2: flood using SETTINGS frames results in unbounded memory growth
A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...
HTTP/2: flood using SETTINGS frames results in unbounded memory growth
A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...
PT-2020-4061 · Nghttp2 +9 · Nghttp2 +9
Name of the Vulnerable Software and Affected Versions: nghttp2 versions prior to 1.41.0 Description: The issue is related to the handling of HTTP/2 SETTINGS frames in nghttp2, where an overly large frame payload can cause a denial of service. A malicious client can construct a SETTINGS frame with...
HTTP/2: flood using SETTINGS frames results in unbounded memory growth
A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...
Red Hat JBoss Enterprise Application Platform 7.x < 7.2.5 Multiple Vulnerabilities
The version of Red Hat JBoss Enterprise Application Platform EAP installed on the remote host is 7.x prior to 7.2.5. It is therefore, affected my multiple vulnerabilities as referenced in the RHSA-2019:4021 advisory: - undertow: HTTP/2: large amount of data requests leads to denial of service...
HTTP/2: flood using SETTINGS frames results in unbounded memory growth
A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...
HTTP/2: flood using SETTINGS frames results in unbounded memory growth
A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...
HTTP/2: flood using SETTINGS frames results in unbounded memory growth
A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...
HTTP/2: flood using SETTINGS frames results in unbounded memory growth
A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...
HTTP/2: flood using SETTINGS frames results in unbounded memory growth
A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...
HTTP/2: flood using SETTINGS frames results in unbounded memory growth
A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...
HTTP/2: flood using SETTINGS frames results in unbounded memory growth
A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...
HTTP/2: flood using SETTINGS frames results in unbounded memory growth
A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...
tomcat: Apache Tomcat HTTP/2 DoS
A flaw was found in Apache Tomcat, where the HTTP/2 implementation accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open, which enables them to cause server-side threads to block. This flaw eventually leads to a denial of service attack...
tomcat: Apache Tomcat HTTP/2 DoS
A flaw was found in Apache Tomcat, where the HTTP/2 implementation accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open, which enables them to cause server-side threads to block. This flaw eventually leads to a denial of service attack...
HTTP/2: flood using SETTINGS frames results in unbounded memory growth
A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...
HTTP/2: flood using SETTINGS frames results in unbounded memory growth
A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...
HTTP/2: flood using SETTINGS frames results in unbounded memory growth
A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...
HTTP/2: flood using SETTINGS frames results in unbounded memory growth
A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...