7 matches found
CVE-2026-48619
A flaw was found in Node.js. A malicious server can exploit the HTTP/2 client by sending an unlimited number of ORIGIN frames. This can lead to an Out of Memory error on the client, resulting in a denial of service. Mitigation Mitigation for this issue is either not available or the currently...
Security Bulletin: IBM Operations Analytics - Log Analysis is affected by improper resource management due to Eclipse Jetty
Summary Eclipse Jetty in Apache Solr is used by IBM Operations Analytics - Log Analysis as part of HTTP/HTTPS client requests for Apache Solr Admin UI. CVE-2025-5115. Vulnerability Details CVEID:CVE-2025-5115 DESCRIPTION: In Eclipse Jetty, versions =9.4.57, =10.0.25, =11.0.25, =12.0.21,...
MiracleLinux 8 : java-21-openjdk-21.0.3.0.9-1.el8.ML.1 (AXSA:2024-7709:07)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7709:07 advisory. OpenJDK: long Exception message leading to crash 8319851 CVE-2024-21011 OpenJDK: integer overflow in C1 compiler address generation 8322122...
OpenJDK: HTTP/2 client improper reverse DNS lookup (8315708)
A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle...
OpenJDK: HTTP/2 client improper reverse DNS lookup (8315708)
A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle...
OpenJDK: HTTP/2 client improper reverse DNS lookup (8315708)
A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle...
OpenJDK: HTTP/2 client improper reverse DNS lookup (8315708)
A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle...