19 matches found
CVE-2022-31394
Hyperium Hyper before 0.14.19 does not allow for customization of the maxheaderlistsize method in the H2 third-party software, allowing attackers to perform HTTP2 attacks...
CVE-2022-31394 affecting package rust for versions less than hyper-0.14.25
CVE-2022-31394 affecting package rust for versions less than hyper-0.14.25. A patched version of the package is available...
CBL Mariner 2.0 Security Update: rpm-ostree (CVE-2022-31394)
The version of rpm-ostree installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-31394 advisory. - Hyperium Hyper before 0.14.19 does not allow for customization of the maxheaderlistsize method in the H2...
CVE-2022-31394 affecting package rpm-ostree for versions less than 2022.1-7
CVE-2022-31394 affecting package rpm-ostree for versions less than 2022.1-7. A patched version of the package is available...
openSUSE: Security Advisory for sccache (SUSE-SU-2023:2637-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for gstreamer (SUSE-SU-2024:0090-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for sccache (SUSE-SU-2023:3526-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 Security Update : gstreamer-plugins-rs (SUSE-SU-2024:0090-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2024:0090-1 advisory. - CVE-2022-31394: Fixed a potential denial of service in the HTTP/2 implementation bsc1208556. Tenable has extracted the preceding description block...
SUSE-SU-2024:0090-1 Security update for gstreamer-plugins-rs
This update for gstreamer-plugins-rs fixes the following issues: - CVE-2022-31394: Fixed a potential denial of service in the HTTP/2 implementation bsc1208556...
SUSE SLES15: aws-nitro-enclaves-binaryblobs-upstream / aws-nitro-enclaves-cli / etc (SUSE-SU-2023:1844-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1844-1 advisory. Update aws-nitro-enclaves-cli to version 1.2.2git0.4ccc639: CVE-2022-31394: Fixed DoS vulnerability in hyper crate...
CVE-2022-31394 affecting package rpm-ostree for versions less than 2022.1-4
CVE-2022-31394 affecting package rpm-ostree for versions less than 2022.1-4. A patched version of the package is available...
Important: aws-nitro-enclaves-cli
Issue Overview: Hyperium Hyper before 0.14.19 does not allow for customization of the maxheaderlistsize method in the H2 third-party software, allowing attackers to perform HTTP2 attacks. CVE-2022-31394 Affected Packages: aws-nitro-enclaves-cli Issue Correction: Run dnf update...
Amazon Linux 2 : aws-nitro-enclaves-cli (ALASNITRO-ENCLAVES-2023-021)
The version of aws-nitro-enclaves-cli installed on the remote host is prior to 1.2.2-0. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2023-021 advisory. Hyperium Hyper before 0.14.19 does not allow for customization of the maxheaderlistsize method in the H...
Amazon Linux 2023 : aws-nitro-enclaves-cli, aws-nitro-enclaves-cli-devel, aws-nitro-enclaves-cli-integration-tests (ALAS2023-2023-129)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-129 advisory. Hyperium Hyper before 0.14.19 does not allow for customization of the maxheaderlistsize method in the H2 third-party software, allowing attackers to perform HTTP2 attacks. CVE-2022-31394 Tenable has...
SUSE CVE-2022-31394
Hyperium Hyper before 0.14.19 does not allow for customization of the maxheaderlistsize method in the H2 third-party software, allowing attackers to perform HTTP2 attacks...
CVE-2022-31394
creationtimestamp| type| source ---|---|--- 2023-02-21 16:16:38+00:00| seen| https://t.me/cibsecurity/58594 2025-03-17 19:34:25+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7831...
CVE-2022-31394
Hyperium Hyper before 0.14.19 does not allow for customization of the maxheaderlistsize method in the H2 third-party software, allowing attackers to perform HTTP2 attacks...
CVE-2022-31394
Hyperium Hyper before 0.14.19 does not allow for customization of the maxheaderlistsize method in the H2 third-party software, allowing attackers to perform HTTP2 attacks...
CVE-2022-31394
CVE-2022-31394 affects the Hyperium Hyper HTTP/2 stack in the Hyper crate before 0.14.19, where the max_header_list_size customization is blocked, enabling HTTP/2 attacks. Affected products use Hyper prior to 0.14.19; advisories and open-source references (e.g., Hyper PRs and SUSE advisories) ind...