3 matches found
The vulnerability of the on_frame_recv_callback() function (soup-server-message-io-http1.c) in the GNOME graphical interface library libsoup allows a attacker to cause a service failure.
The vulnerability of the onframerecvcallback function soup-server-message-io-http1.c in the GNOME graphical interface library libsoup is related to incorrect interpretation of input data when processing pseudoheaders such as :scheme, :authority, and :path. Exploitation of this vulnerability could...
github.com/nghttp2/nghttp2 has HTTP/2 Rapid Reset
Impact Rapidly creating and cancelling streams HEADERS frame immediately followed by RSTSTREAM without bound cause denial of service. See https://vulners.com/cve/CVE-2023-44487 for details. Patches nghttp2 v1.57.0 mitigates this vulnerability by default. Workarounds If upgrading to nghttp2 v1.57....
ALPINE-CVE-2020-11080
In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes 2400 individual settings entries over and over again. The attack causes th...