CVE-2022-31394

Hyperium Hyper before 0.14.19 does not allow for customization of the maxheaderlistsize method in the H2 third-party software, allowing attackers to perform HTTP2 attacks...

CBL Mariner 2.0 Security Update: rpm-ostree (CVE-2022-31394)

The version of rpm-ostree installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-31394 advisory. - Hyperium Hyper before 0.14.19 does not allow for customization of the maxheaderlistsize method in the H2...

SUSE SLED15 / SLES15 Security Update : gstreamer-plugins-rs (SUSE-SU-2024:0090-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2024:0090-1 advisory. - Hyperium Hyper before 0.14.19 does not allow for customization of the maxheaderlistsize method in the H2 third-party software, allowing attackers to...

Security Bulletin: IBM Storage Protect is vulnerable to multiple attacks due to http2-server and http2-common (CVE-2023-44487)

Summary IBM Storage Protect Server uses the http2-server and http2-common components and may be vulnerable to denial of service caused by a flaw in handling multiplexed streams in the HTTP/2 protocol. Vulnerability Details CVEID:CVE-2023-44487 DESCRIPTION: Multiple vendors are vulnerable to a...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : sccache (SUSE-SU-2023:3526-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3526-1 advisory. - An issue was discovered in the tokio crate before 1.8.4, and 1.9.x through 1.13.x before 1.13....

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : rustup (SUSE-SU-2023:2603-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2603-1 advisory. - Hyperium Hyper before 0.14.19 does not allow for customization of the maxheaderlistsize method...

SUSE SLES15 / openSUSE 15 Security Update : aws-nitro-enclaves-cli (SUSE-SU-2023:1844-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1844-1 advisory. - regex is an implementation of regular expressions for the Rust language. The regex crate features built-in...

Amazon Linux 2 : aws-nitro-enclaves-cli (ALASNITRO-ENCLAVES-2023-021)

The version of aws-nitro-enclaves-cli installed on the remote host is prior to 1.2.2-0. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2023-021 advisory. Hyperium Hyper before 0.14.19 does not allow for customization of the maxheaderlistsize method in the H...

Important: aws-nitro-enclaves-cli

Issue Overview: Hyperium Hyper before 0.14.19 does not allow for customization of the maxheaderlistsize method in the H2 third-party software, allowing attackers to perform HTTP2 attacks. CVE-2022-31394 Affected Packages: aws-nitro-enclaves-cli Issue Correction: Run dnf update...

Amazon Linux 2023 : aws-nitro-enclaves-cli, aws-nitro-enclaves-cli-devel, aws-nitro-enclaves-cli-integration-tests (ALAS2023-2023-129)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-129 advisory. Hyperium Hyper before 0.14.19 does not allow for customization of the maxheaderlistsize method in the H2 third-party software, allowing attackers to perform HTTP2 attacks. CVE-2022-31394 Tenable has...

SUSE CVE-2022-31394

Hyperium Hyper before 0.14.19 does not allow for customization of the maxheaderlistsize method in the H2 third-party software, allowing attackers to perform HTTP2 attacks...

AZL-61516 CVE-2022-31394 affecting package rust for versions less than hyper-0.14.25

Hyperium Hyper before 0.14.19 does not allow for customization of the maxheaderlistsize method in the H2 third-party software, allowing attackers to perform HTTP2 attacks...

CVE-2022-31394

Hyperium Hyper before 0.14.19 does not allow for customization of the maxheaderlistsize method in the H2 third-party software, allowing attackers to perform HTTP2 attacks...

AZL-13685 CVE-2022-31394 affecting package rpm-ostree for versions less than 2022.1-4

Hyperium Hyper before 0.14.19 does not allow for customization of the maxheaderlistsize method in the H2 third-party software, allowing attackers to perform HTTP2 attacks...

Design/Logic Flaw

Hyperium Hyper before 0.14.19 does not allow for customization of the maxheaderlistsize method in the H2 third-party software, allowing attackers to perform HTTP2 attacks...

CVE-2022-31394

Hyperium Hyper before 0.14.19 does not allow for customization of the maxheaderlistsize method in the H2 third-party software, allowing attackers to perform HTTP2 attacks...