485 matches found
EUVD-2026-36471
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty HTTP/2 max header size handling produces an attack similar to HTTP/2 Rapid Reset. There is a setting in the http2 specification called...
CVE-2026-50560
Netty HTTP/2 vulnerability CVE-2026-50560 affects Netty versions 4.1.135.Final and 4.2.15.Final. When a client sends SETTINGS_MAX_HEADER_LIST_SIZE, Netty may read a request, proxy it to the origin, attempt to generate a response, and then fail while writing response headers, creating an exception...
CVE-2026-50560 Netty susceptible to HTTP/2 Reset Attack with different on-the-wire signature
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty HTTP/2 max header size handling produces an attack similar to HTTP/2 Rapid Reset. There is a setting in the http2 specification called...
CVE-2026-44892
Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, the default configuration of the Http3ConnectionHandler in the Netty HTTP/3 codec lacks an enforced maximum header size limit. When a peer does not explicitly specify...
CVE-2026-44892
CVE-2026-44892 affects Netty’s HTTP/3 codec. Before 4.2.15.Final, Http3ConnectionHandler defaults allow an unbounded maximum header size when HTTP3_SETTINGS_MAX_FIELD_SECTION_SIZE isn’t specified, enabling a malicious peer to flood headers and cause memory exhaustion (OutOfMemoryError) with netwo...
EUVD-2026-36386
Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, the default configuration of the Http3ConnectionHandler in the Netty HTTP/3 codec lacks an enforced maximum header size limit. When a peer does not explicitly specify...
CVE-2026-44892 Netty has a Vulnerable Default Configuration Which Leads to Denial of Service via Unbounded HTTP/3 Header Size
Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, the default configuration of the Http3ConnectionHandler in the Netty HTTP/3 codec lacks an enforced maximum header size limit. When a peer does not explicitly specify...
PT-2026-48925
Summary: The HTTPDecoder in NIOHTTP1 enforces no limit on the total size of an HTTP/1 message's header block or on the number of header fields per message. A remote peer can submit an arbitrary number of small, valid headers in a single request and have them all accumulated into the resulting...
UBUNTU-CVE-2026-44892
Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, the default configuration of the Http3ConnectionHandler in the Netty HTTP/3 codec lacks an enforced maximum header size limit. When a peer does not explicitly specify...
SwiftNIO NIOHTTP1: HTTPDecoder accepts unbounded HTTP/1 header blocks, enabling remote DoS
The HTTPDecoder in NIOHTTP1 enforces no limit on the total size of an HTTP/1 message's header block or on the number of header fields per message. A remote peer can submit an arbitrary number of small, valid headers in a single request and have them all accumulated into the resulting HTTPHeaders...
PT-2026-48916
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty HTTP/2 max header size handling produces an attack similar to HTTP/2 Rapid Reset. There is a setting in the http2 specification called SETTINGS_MAX...
Security update for perl-Protocol-HTTP2
This update for perl-Protocol-HTTP2 fixes the following issue: CVE-2026-10725: denial of service due to absence of inbound HPACK header-list size limit (HTTP/2 Bomb attack) (bsc#1267857). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdat...
GHSA-C2RX-5R8W-8XR2 Netty has a Vulnerable Default Configuration Which Leads to Denial of Service via Unbounded HTTP/3 Header Size
Summary: The default configuration of the Http3ConnectionHandler in the Netty HTTP/3 codec lacks an enforced maximum header size limit. When a peer does not explicitly specify HTTP3_SETTINGS_MAX_FIELD_SECTION_SIZE, the implementation defaults to an unbounded limit. This insecure default configuration...
Netty has a Vulnerable Default Configuration Which Leads to Denial of Service via Unbounded HTTP/3 Header Size
Summary: The default configuration of the Http3ConnectionHandler in the Netty HTTP/3 codec lacks an enforced maximum header size limit. When a peer does not explicitly specify HTTP3_SETTINGS_MAX_FIELD_SECTION_SIZE, the implementation defaults to an unbounded limit. This insecure default configuration...
PT-2026-47563
Summary: The default configuration of the Http3ConnectionHandler in the Netty HTTP/3 codec lacks an enforced maximum header size limit. When a peer does not explicitly specify HTTP3_SETTINGS_MAX_FIELD_SECTION_SIZE, the implementation defaults to an unbounded limit. This insecure default...
PT-2026-47603
Name of the Vulnerable Software and Affected Versions: Netty (affected versions not specified). Description: The default configuration of the Http3ConnectionHandler in the Netty HTTP/3 codec does not enforce a maximum header size limit. When a peer does not specify HTTP3_SETTINGS_MAX_FIELD_SECTION_SIZ...
UBUNTU-CVE-2026-10725
Protocol::HTTP2 versions before 1.13 for Perl are vulnerable to an HTTP/2 Bomb. Protocol::HTTP2's inbound HPACK path has no header-list size limit, so a small HTTP/2 request can expand into large server memory (the "HTTP/2 bomb"). The headers_decode method materialises a full key+value copy per indexe...
EUVD-2026-34964
Protocol::HTTP2 versions through 1.12 for Perl are vulnerable to an HTTP/2 Bomb. Protocol::HTTP2's inbound HPACK path has no header-list size limit, so a small HTTP/2 request can expand into large server memory (the "HTTP/2 bomb"). The headers_decode method materialises a full key+value copy per index...
CVE-2026-9538
Archive::Tar versions before 3.10 for Perl allow memory exhaustion via an attacker-controlled entry size field in the tar header. _read_tar reads each entry's payload with $handle->read( $$data, $block ), where $block is derived from the entry's 12-byte size field in the tar header with no upper bound on that...