Lucene search
K

32 matches found

RedhatCVE
RedhatCVE
added 2026/07/06 9:7 a.m.5 views

CVE-2026-54399

A flaw was found in Apache HttpComponents Core. This uncontrolled resource consumption vulnerability in the HTTP/1.1 message parser allows a remote attacker to cause a denial of service through memory exhaustion. This can be triggered by sending messages with an excessive number of headers or...

7.5CVSS5.9AI score0.00587EPSS
Exploits0References5
OSV
OSV
added 2026/07/01 5:16 p.m.3 views

DEBIAN-CVE-2026-54399

Uncontrolled Resource Consumption vulnerability in the HTTP/1.1 message parser in Apache HttpComponents Core 5.4.2 and earlier, 5.5-beta1 and earlier allows an remote attacker to cause a denial of service through memory exhaustion by sending messages with excessive number of headers / excessive...

7.5CVSS5.8AI score0.00587EPSS
Exploits0References1
NVD
NVD
added 2026/07/01 5:16 p.m.10 views

CVE-2026-54399

Uncontrolled Resource Consumption vulnerability in the HTTP/1.1 message parser in Apache HttpComponents Core 5.4.2 and earlier, 5.5-beta1 and earlier allows an remote attacker to cause a denial of service through memory exhaustion by sending messages with excessive number of headers / excessive...

7.5CVSS0.00587EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/01 5:2 p.m.37 views

CVE-2026-54399 Apache HttpComponents Core: Unbounded HTTP Header/Line Length in Default Configuration

Uncontrolled Resource Consumption vulnerability in the HTTP/1.1 message parser in Apache HttpComponents Core 5.4.2 and earlier, 5.5-beta1 and earlier allows an remote attacker to cause a denial of service through memory exhaustion by sending messages with excessive number of headers / excessive...

0.00587EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/04/01 9:16 p.m.4 views

CVE-2026-34516

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, a response with an excessive number of multipart headers may be allowed to use more memory than intended, potentially allowing a DoS vulnerability. This issue has been patched in version 3.13....

8.7CVSS5.8AI score0.0044EPSS
Exploits0References4
CVE
CVE
added 2026/02/04 12:0 a.m.10 views

CVE-2025-71031

CVE-2025-71031 affects Water-Melon Melon prior to commit 9df9292. The HTTP component lacks a maximum header length, enabling a crafted header to exhaust RAM and cause a Denial of Service. CVSS v3.1 base score 7.5 (HIGH) with network access, low attack complexity, no privileges required, no user i...

7.5CVSS5.5AI score0.00478EPSS
Exploits1References2Affected Software1
SUSE CVE
SUSE CVE
added 2025/06/26 11:21 p.m.3 views

SUSE CVE-2025-52887

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. In version 0.21.0, when many http headers fields are passed in, the library does not limit the number of headers, and the memory associated with the headers will not be released when the connection is disconnected...

7.5CVSS6.8AI score0.0043EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/21 6:23 p.m.10 views

CVE-1999-0393

Remote attackers can cause a denial of service in Sendmail 8.8.x and 8.9.2 by sending messages with a large number of headers...

5CVSS7AI score0.02427EPSS
Exploits0References1
OSV
OSV
added 2025/01/30 2:33 p.m.5 views

SUSE-SU-2025:0299-1 Security update for ignition

This update for ignition fixes the following issues: CVE-2023-45288: Fixed unclosed connections when receiving too many headers in golang.org/x/net/http2 bsc1236518...

7.5CVSS8.1AI score0.91969EPSS
Exploits1References3
Amazon
Amazon
added 2024/12/12 12:0 a.m.5 views

Medium: dovecot

Issue Overview: Dovecot reports: A DoS is possible with a large number of address headers or abnormally large email headers. CVE-2024-23184 Dovecot reports: A DoS is possible with a large number of address headers or abnormally large email headers. CVE-2024-23185 Affected Packages: dovecot Issue...

7.5CVSS6.8AI score0.01284EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2024/08/21 11:56 a.m.14 views

tomcat: Improper Handling of Exceptional Conditions

A vulnerability was found in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This issue led to a miscounting of active HTTP/2 streams, which in turn led to using an incorrect infinite timeout that allowed connections to remain...

7.5CVSS6.8AI score0.04602EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/21 11:53 a.m.12 views

tomcat: Improper Handling of Exceptional Conditions

A vulnerability was found in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This issue led to a miscounting of active HTTP/2 streams, which in turn led to using an incorrect infinite timeout that allowed connections to remain...

7.5CVSS6.8AI score0.04602EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/21 11:53 a.m.4 views

tomcat: Improper Handling of Exceptional Conditions

A vulnerability was found in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This issue led to a miscounting of active HTTP/2 streams, which in turn led to using an incorrect infinite timeout that allowed connections to remain...

7.5CVSS6.8AI score0.04602EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/08/15 12:0 a.m.13 views

PT-2024-5814 · Dovecot +10 · Dovecot Imap Server +10

Name of the Vulnerable Software and Affected Versions: Dovecot IMAP Server versions 2.2 through 2.3.20 Description: The issue is related to the excessive CPU usage caused by a large number of address headers in emails, which can be exploited by external actors to consume system resources and caus...

9.8CVSS6.2AI score0.62579EPSS
Exploits15References114
Amazon
Amazon
added 2024/08/13 12:0 a.m.5 views

Important: tomcat

Issue Overview: Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams which in turn l...

7.5CVSS7AI score0.04602EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/08/06 1:50 p.m.4 views

tomcat: Improper Handling of Exceptional Conditions

A vulnerability was found in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This issue led to a miscounting of active HTTP/2 streams, which in turn led to using an incorrect infinite timeout that allowed connections to remain...

7.5CVSS6.8AI score0.04602EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/06 11:7 a.m.3 views

tomcat: Improper Handling of Exceptional Conditions

A vulnerability was found in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This issue led to a miscounting of active HTTP/2 streams, which in turn led to using an incorrect infinite timeout that allowed connections to remain...

7.5CVSS6.8AI score0.04602EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/06 10:49 a.m.6 views

tomcat: Improper Handling of Exceptional Conditions

A vulnerability was found in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This issue led to a miscounting of active HTTP/2 streams, which in turn led to using an incorrect infinite timeout that allowed connections to remain...

7.5CVSS6.8AI score0.04602EPSS
Exploits0References5
Amazon
Amazon
added 2024/07/22 12:0 a.m.5 views

Important: tomcat9

Issue Overview: Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams which in turn l...

7.5CVSS6.9AI score0.04602EPSS
Exploits0
CVE
CVE
added 2024/07/03 7:32 p.m.472 views

CVE-2024-34750

CVE-2024-34750 affects Apache Tomcat across multiple lines of the 9.x, 10.x, and 11.x series, where improper handling of HTTP/2 streams leads to miscounting active streams and the use of an infinite timeout, allowing connections to remain open. Root cause: during HTTP/2 processing, Tomcat fails t...

7.5CVSS7.1AI score0.04602EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder