Lucene search
K

4 matches found

OSV
OSV
added 2026/06/22 5:40 a.m.4 views

BIT-ENVOY-2026-47774 Envoy vulnerable to HTTP/2 memory exhaustion via cookie header size bypass and HPACK amplification

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a vulnerability in Envoy's HTTP/2 downstream request processing allows an unauthenticated remote client to trigger excessive memory consumption, potentiall...

7.5CVSS6AI score0.00815EPSS
Exploits1References11
CNNVD
CNNVD
added 2026/02/17 12:0 a.m.8 views

IBM MQ 安全漏洞

IBM MQ is a messaging middleware product from International Business Machines IBM. The product focuses on providing a reliable, proven messaging backbone for Service Oriented Architecture SOA. IBM-supplied MQ Advanced container images are standard container images officially provided by IBM,...

4CVSS5.8AI score0.00108EPSS
Exploits0References1
OSV
OSV
added 2020/12/14 8:15 p.m.2 views

UBUNTU-CVE-2020-29511

The encoding/xml package in Go all versions does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...

9.8CVSS6.9AI score0.01942EPSS
Exploits0References3
OSV
OSV
added 2020/12/14 8:15 p.m.3 views

UBUNTU-CVE-2020-29510

The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...

9.8CVSS6.9AI score0.02047EPSS
Exploits0References3
Rows per page
Query Builder