Lucene search
K

11 matches found

F5 Networks
F5 Networks
added 2025/07/03 3:44 p.m.13 views

K000152389: golang: net/http, x/net/http2 vulnerability CVE-2023-39325

Security Advisory Description A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allo...

7.5CVSS6.9AI score0.03796EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.23 views

Fedora 40 : doctl (2023-72ab10f1de)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-72ab10f1de advisory. Automatic update for doctl-1.101.0-2.fc40. Changelog Sat Dec 9 2023 Mikel Olasagasti Uranga - Update to 1.101.0 - Closes rhbz2253730 rhbz2248265 Tenable has...

7.5CVSS7AI score0.03796EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/24 12:0 a.m.42 views

RHCOS 4 : OpenShift Container Platform 4.12.39 (RHSA-2023:5679)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:5679 advisory. - golang: net/http, x/net/http2: rapid stream resets can cause excessive work CVE-2023-44487 CVE-2023-39325 - HTTP/2: Multiple HTTP/...

7.5CVSS7.1AI score0.99999EPSS
Exploits19References7
Tenable Nessus
Tenable Nessus
added 2024/01/19 12:0 a.m.17 views

Fedora 38 : golang-github-facebook-time (2024-f99ecead66)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-f99ecead66 advisory. Security fix for CVE-2023-39325 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

7.5CVSS7AI score0.03796EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/18 12:0 a.m.37 views

Fedora 39 : golang-x-net (2024-5d8e87ec66)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5d8e87ec66 advisory. update to v0.20.0 for CVE-2023-39325 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

7.5CVSS7.1AI score0.03796EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/18 12:0 a.m.24 views

Fedora 38 : golang-x-net (2024-0ac454dafc)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-0ac454dafc advisory. update to v0.20.0 for CVE-2023-39325 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

7.5CVSS7.1AI score0.03796EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/12/22 12:0 a.m.63 views

CentOS 7 : rhc-worker-script enhancement and (RHSA-2023:5835)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:5835 advisory. - A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total...

7.5CVSS7.4AI score0.99999EPSS
Exploits19References3
Tenable Nessus
Tenable Nessus
added 2023/11/19 12:0 a.m.24 views

Fedora 39 : prometheus-podman-exporter (2023-b75ee820ce)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-b75ee820ce advisory. release v1.5.0 + security fix for CVE-2023-39325 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

7.5CVSS7AI score0.03796EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/11/02 12:0 a.m.37 views

Amazon Linux 2 : cni-plugins (ALAS-2023-2325)

The version of cni-plugins installed on the remote host is prior to 1.2.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2325 advisory. The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams...

7.5CVSS7AI score0.03796EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/10/19 12:0 a.m.57 views

AlmaLinux 9 : grafana (ALSA-2023:5867)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:5867 advisory. - A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total...

7.5CVSS7.3AI score0.99999EPSS
Exploits19References3
Tenable Nessus
Tenable Nessus
added 2023/10/19 12:0 a.m.39 views

AlmaLinux 8 : grafana (ALSA-2023:5863)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:5863 advisory. - A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total...

7.5CVSS7.3AI score0.99999EPSS
Exploits19References3
Rows per page
Query Builder