CVE-2026-48862 Unbounded conn.streams growth in Mint HTTP/2 client via unenforced PUSH_PROMISE concurrency

Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint Mint allows attacker-controlled HTTP/2 servers to exhaust memory in a Mint client via PUSHPROMISE flooding. In lib/mint/http2.ex, Mint.HTTP2.decodepushpromiseheadersandaddresponse/5 inserts a :reservedremote entry...

MiracleLinux 8 : java-17-openjdk-17.0.11.0.9-2.el8 (AXSA:2024-7705:07)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7705:07 advisory. OpenJDK: long Exception message leading to crash 8319851 CVE-2024-21011 OpenJDK: integer overflow in C1 compiler address generation 8322122...

SUSE-SU-2025:02978-1 Security update for tomcat10

This update for tomcat10 fixes the following issues: Updated to Tomcat 10.1.43i: - CVE-2025-52520: Fixed integer overflow can lead to DoS for some unlikely configurations of multipart upload bsc1246388 - CVE-2025-53506: Fixed uncontrolled resource HTTP/2 client consumption vulnerability bsc124631...

SUSE-SU-2024:1859-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 25 bsc1223470: - CVE-2023-38264: Fixed Object Request Broker ORB denial of service bsc1224164. - CVE-2024-21094: Fixed C2 compilation fails with 'Exceeded noderegs array' bsc1222986. -...

Apache Traffic Server < 7.0.0 Multiple Vulnerabilities

Binary data 9788.prm...