Lucene search
K

212 matches found

Tenable Nessus
Tenable Nessus
added 2024/04/08 12:0 a.m.25 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.22 (SUSE-SU-2024:1121-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1121-1 advisory. - CVE-2023-45288: Fixed denial of service via HTTP/2 continuation frames bsc1221400 Tenable has extracted...

7.5CVSS7AI score0.91969EPSS
Exploits1References5
OSV
OSV
added 2024/04/06 6:19 p.m.25 views

BIT-GOLANG-2023-45288 HTTP/2 CONTINUATION flood in net/http

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

7.5CVSS8AI score0.91969EPSS
Exploits1References10
SUSE CVE
SUSE CVE
added 2024/04/05 2:23 a.m.9 views

SUSE CVE-2023-45288

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

5.3CVSS8.8AI score0.91969EPSS
Exploits1References66
OSV
OSV
added 2024/04/04 9:15 p.m.7 views

AZL-38281 CVE-2023-45288 affecting package etcd for versions less than 3.5.18-1

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

7.5CVSS6.8AI score0.91969EPSS
Exploits1References1
OSV
OSV
added 2024/04/04 9:15 p.m.7 views

AZL-38581 CVE-2023-45288 affecting package git-lfs for versions less than 3.6.1-1

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

7.5CVSS6.8AI score0.91969EPSS
Exploits1References1
OSV
OSV
added 2024/04/04 9:15 p.m.7 views

AZL-42864 CVE-2023-45288 affecting package multus for versions less than 4.0.2-3

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

7.5CVSS6.8AI score0.91969EPSS
Exploits1References1
OSV
OSV
added 2024/04/04 9:15 p.m.6 views

AZL-39154 CVE-2023-45288 affecting package sriov-network-device-plugin for versions less than 3.6.2-3

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

7.5CVSS6.8AI score0.91969EPSS
Exploits1References1
OSV
OSV
added 2024/04/04 9:15 p.m.7 views

AZL-38761 CVE-2023-45288 affecting package prometheus-adapter for versions less than 0.12.0-1

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

7.5CVSS6.8AI score0.91969EPSS
Exploits1References1
OSV
OSV
added 2024/04/04 9:15 p.m.10 views

AZL-50336 CVE-2023-45288 affecting package prometheus for versions less than 2.37.9-2

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

7.5CVSS7AI score0.91969EPSS
Exploits1References1
OSV
OSV
added 2024/04/04 9:15 p.m.5 views

AZL-38878 CVE-2023-45288 affecting package moby-engine for versions less than 25.0.3-10

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

7.5CVSS7AI score0.91969EPSS
Exploits1References1
OSV
OSV
added 2024/04/04 9:15 p.m.6 views

AZL-39229 CVE-2023-45288 affecting package moby-engine for versions less than 24.0.9-2

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

7.5CVSS7AI score0.91969EPSS
Exploits1References1
OSV
OSV
added 2024/04/04 9:15 p.m.6 views

AZL-38392 CVE-2023-45288 affecting package coredns for versions less than 1.11.1-2

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

7.5CVSS6.8AI score0.91969EPSS
Exploits1References1
OSV
OSV
added 2024/04/04 9:15 p.m.10 views

AZL-38338 CVE-2023-45288 affecting package docker-cli for versions less than 25.0.7-1

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

7.5CVSS6.8AI score0.91969EPSS
Exploits1References1
OSV
OSV
added 2024/04/04 9:15 p.m.8 views

DEBIAN-CVE-2023-45288

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

7.5CVSS6.9AI score0.91969EPSS
Exploits1References1
OSV
OSV
added 2024/04/04 9:15 p.m.10 views

AZL-39187 CVE-2023-45288 affecting package blobfuse2 for versions less than 2.1.2-3

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

7.5CVSS6.8AI score0.91969EPSS
Exploits1References1
OSV
OSV
added 2024/04/04 9:15 p.m.5 views

AZL-39484 CVE-2023-45288 affecting package etcd for versions less than 3.5.12-2

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

7.5CVSS6.8AI score0.91969EPSS
Exploits1References1
OSV
OSV
added 2024/04/04 9:15 p.m.6 views

AZL-39274 CVE-2023-45288 affecting package nmi for versions less than 1.8.17-2

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

7.5CVSS6.8AI score0.91969EPSS
Exploits1References1
OSV
OSV
added 2024/04/04 9:15 p.m.5 views

AZL-38839 CVE-2023-45288 affecting package kubevirt for versions less than 1.2.0-13

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

7.5CVSS6.8AI score0.91969EPSS
Exploits1References1
OSV
OSV
added 2024/04/04 9:15 p.m.5 views

AZL-38635 CVE-2023-45288 affecting package vitess for versions less than 19.0.4-2

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

7.5CVSS7AI score0.91969EPSS
Exploits1References1
OSV
OSV
added 2024/04/04 9:15 p.m.10 views

AZL-38956 CVE-2023-45288 affecting package cri-tools for versions less than 1.30.1-1

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

7.5CVSS7AI score0.91969EPSS
Exploits1References1
Rows per page
Query Builder