5 matches found
EUVD-2020-3444
Malware in sbrugna...
Medium: golang
Issue Overview: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed...
SUSE-SU-2023:2603-1 Security update for rustup
This update for rustup fixes the following issues: - CVE-2022-31394: Fixed possible HTTP2 attacks by specifying the HTTP/2 SETTINGSMAXHEADERLISTSIZE bsc1208552. - CVE-2023-26964: Fixed high memory and CPU usage when stream stacking occurs when H2 processes HTTP2 RSTSTREAM frames bsc1210345...
OPENSUSE-SU-2019:2114-1 Security update for nodejs10
This update for nodejs10 to version 10.16.3 fixes the following issues: Security issues fixed: - CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service bsc1146091. -...
SUSE-SU-2019:2259-1 Security update for nodejs10
This update for nodejs10 to version 10.16.3 fixes the following issues: Security issues fixed: - CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service bsc1146091. -...