Lucene search

4433 matches found

Tenable Nessus
added 2023/05/21 12:0 a.m. | 52 views

AlmaLinux 8 : grafana (ALSA-2023:2784)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:2784 advisory. - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing i...

CVSS 7.5 | AI score 6.9 | EPSS 0.02513
Exploits: 1 | References: 5

Tenable Nessus
added 2023/05/20 12:0 a.m. | 39 views

AlmaLinux 8 : git-lfs (ALSA-2023:2866)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:2866 advisory. - Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. Thi...

CVSS 7.5 | AI score 7 | EPSS 0.05623
Exploits: 1 | References: 4

Tenable Nessus
added 2023/05/20 12:0 a.m. | 27 views

AlmaLinux 8 : Image Builder (ALSA-2023:2780)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2780 advisory. - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing i...

CVSS 7.5 | AI score 7 | EPSS 0.05623
Exploits: 1 | References: 6

Citrix
added 2023/05/19 12:0 a.m. | 6 views

Netscaler crash after upgrading to the version 13.1-45.63 with HTTP/2 enabled.

A NetScaler appliance might crash when an HTTP/2 enabled virtual server generates a response for an HTTP/2 request, instead of forwarding the request to the back-end service...

AI score 7.1
Exploits: 0

OSV
added 2023/05/18 5:30 p.m. | 10 views

GHSA-CCW9-Q5H2-8C2W swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length

A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. It is fixed in 1.19.2 and later releases. This vulnerability is caused by a logica...

CVSS 7.5 | AI score 7.3 | EPSS 0.01333
Exploits: 0 | References: 5

GitHub Security Blog
added 2023/05/18 5:30 p.m. | 20 views

swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length

A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. It is fixed in 1.19.2 and later releases. This vulnerability is caused by a logica...

CVSS 7.5 | AI score 6.7 | EPSS 0.01333
Exploits: 0 | References: 5 | Affected Software: 1

OSV
added 2023/05/18 5:28 p.m. | 12 views

GHSA-W3F6-PC54-GFW7 swift-nio-http2 vulnerable to denial of service via mishandled HPACK variable length integer encoding

A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HPACK-encoded header block. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. It is fixed in 1.19.2 and later releases. There are a number of...

CVSS 7.5 | AI score 7.4 | EPSS 0.01101
Exploits: 0 | References: 5

GitHub Security Blog
added 2023/05/18 5:28 p.m. | 27 views

swift-nio-http2 vulnerable to denial of service via mishandled HPACK variable length integer encoding

A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HPACK-encoded header block. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. It is fixed in 1.19.2 and later releases. There are a number of...

CVSS 7.5 | AI score 6.8 | EPSS 0.01101
Exploits: 0 | References: 5 | Affected Software: 1

RedHat Linux
added 2023/05/18 12:20 a.m. | 42 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.13.0 security update

Red Hat OpenShift Container Platform release 4.13.0 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which...

CVSS 7.5 | AI score 6.6 | EPSS 0.05623
Exploits: 0 | References: 5

GitLab Advisory Database
added 2023/05/18 12:0 a.m. | 20 views

swift-nio-http2 vulnerable to denial of service via ALTSVC or ORIGIN frames

A program using swift-nio-http2 is vulnerable to a denial of service attack caused by a network peer sending ALTSVC or ORIGIN frames. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. It is fixed in 1.19.2 and later releases. This vulnerability is caused by a logical error...

CVSS 7.5 | AI score 6.7 | EPSS 0.01101
Exploits: 0 | References: 6 | Affected Software: 1

GitLab Advisory Database
added 2023/05/18 12:0 a.m. | 10 views

swift-nio-http2 vulnerable to denial of service via mishandled HPACK variable length integer encoding

A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HPACK-encoded header block. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. It is fixed in 1.19.2 and later releases. There are a number of...

CVSS 7.5 | AI score 6.8 | EPSS 0.01101
Exploits: 0 | References: 6 | Affected Software: 1

GitLab Advisory Database
added 2023/05/18 12:0 a.m. | 12 views

swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length

A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. It is fixed in 1.19.2 and later releases. This vulnerability is caused by a logica...

CVSS 7.5 | AI score 6.7 | EPSS 0.01333
Exploits: 0 | References: 6 | Affected Software: 1

Tenable Nessus
added 2023/05/18 12:0 a.m. | 35 views

EulerOS 2.0 SP10 : haproxy (EulerOS-SA-2023-1976)

According to the versions of the haproxy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka 'request...

CVSS 9.1 | AI score 7.5 | EPSS 0.05493
Exploits: 0 | References: 2

Tenable Nessus
added 2023/05/17 12:0 a.m. | 35 views

CentOS 8 : go-toolset:rhel8 (CESA-2023:3083)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:3083 advisory. - A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small...

CVSS 7.5 | AI score 7 | EPSS 0.04561
Exploits: 0 | References: 4

RedHat Linux
added 2023/05/16 8:31 a.m. | 76 views

Moderate: Red Hat Security Advisory: git-lfs security and bug fix update

An update for git-lfs is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVSS 7.5 | AI score 6.7 | EPSS 0.05623
Exploits: 1 | References: 6

Tenable Nessus
added 2023/05/16 12:0 a.m. | 25 views

CentOS 8 : grafana-pcp (CESA-2023:2785)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2023:2785 advisory. - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if...

CVSS 7.5 | AI score 6.9 | EPSS 0.02513
Exploits: 0 | References: 2

Tenable Nessus
added 2023/05/16 12:0 a.m. | 39 views

CentOS 8 : grafana (CESA-2023:2784)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:2784 advisory. - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closin...

CVSS 7.5 | AI score 7 | EPSS 0.02513
Exploits: 1 | References: 5

OSV
added 2023/05/16 12:0 a.m. | 40 views

ALSA-2023:2866 Moderate: git-lfs security and bug fix update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters...

CVSS 7.5 | AI score 7.1 | EPSS 0.05623
Exploits: 1 | References: 8

AlmaLinux
added 2023/05/16 12:0 a.m. | 56 views

Moderate: Image Builder security, bug fix, and enhancement update

Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fixes: golang: archive/tar: unbounded memory consumption when reading headers CVE-2022-2879 golang: net/http/httputil: ReverseProxy should not forward...

CVSS 7.5 | AI score 6.7 | EPSS 0.05623
Exploits: 1 | References: 12

AlmaLinux
added 2023/05/16 12:0 a.m. | 55 views

Moderate: git-lfs security and bug fix update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters...

CVSS 7.5 | AI score 6.8 | EPSS 0.05623
Exploits: 1 | References: 8