Lucene search
K

27 matches found

OSV
OSV
added 2022/02/11 12:0 a.m.2 views

GHSA-PV7R-9VJG-G3F9 Duplicate advisory: swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-pgfx-g6rc-8cjv. This link is maintained to preserve external references. Original Description A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a...

7.5CVSS7.4AI score0.01354EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/02/09 12:0 a.m.3 views

PT-2022-16784 · Apple · Swift-Nio-Http2

Name of the Vulnerable Software and Affected Versions: swift-nio-http2 versions 1.0.0 through 1.19.1 Description: A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This attack is caused by a logical erro...

7.5CVSS7.3AI score0.01354EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2019/03/15 12:0 a.m.41 views

RHEL 7 : OpenShift Container Platform 3.9 haproxy (RHSA-2019:0547)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:0547 advisory. The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security fixes: haproxy...

7.5CVSS6.6AI score0.04459EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2019/03/14 7:58 a.m.5 views

haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash

A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on too short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Tho...

7.5CVSS6.7AI score0.04459EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/02/20 2:11 p.m.8 views

haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash

A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on too short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Tho...

7.5CVSS6.7AI score0.04459EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/02/05 8:26 a.m.5 views

haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash

A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on too short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Tho...

7.5CVSS6.7AI score0.04459EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2018/12/31 12:0 a.m.26 views

CVE-2018-20615

An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-check...

7.5CVSS6.8AI score0.04459EPSS
Exploits0References2
Rows per page
Query Builder