1391 matches found
CVE-2022-24666
A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. This vulnerability is caused by a logical error when parsing a HTTP/2 HEADERS fram...
Design/Logic Flaw
A program using swift-nio-http2 is vulnerable to a denial of service attack caused by a network peer sending ALTSVC or ORIGIN frames. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. This vulnerability is caused by a logical error after frame parsing but before frame handlin...
Integer overflow
A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HPACK-encoded header block. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. There are a number of implementation errors in the parsing of...
Design/Logic Flaw
A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. This vulnerability is caused by a logical error when parsing a HTTP/2 HEADERS fram...
CVE-2022-24668
A program using swift-nio-http2 is vulnerable to a denial of service attack caused by a network peer sending ALTSVC or ORIGIN frames. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. This vulnerability is caused by a logical error after frame parsing but before frame handlin...
CVE-2022-24667
What is affected: swift-nio-http2. Vulnerability: HPACK header block parsing bugs allow a maliciously crafted header block to crash the server, causing denial of service. Versions affected: 1.0.0 through 1.19.1. Root cause: multiple implementation errors in parsing HPACK-encoded headers in HTTP/2...
CVE-2022-24667
A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HPACK-encoded header block. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. There are a number of implementation errors in the parsing of...
CVE-2022-24666
A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. This vulnerability is caused by a logical error when parsing a HTTP/2 HEADERS fram...
CVE-2022-24666
The CVE-2022-24666 entry concerns swift-nio-http2, affected across versions 1.0.0 through 1.19.1. Root cause: a logic error when parsing an HTTP/2 HEADERS frame containing priority information without other data, causing a miscalculation of frame size and a subsequent parsing error that crashes t...
swift-nio-http2 安全漏洞
swift-nio-http2 is a SwiftPM project that can be built and tested very easily. A security vulnerability exists in swift-nio-http2 that stems from the fact that programs that use swift-nio-http2 are susceptible to a denial-of-service attack, which is caused by a network peer sending a specially...
PT-2022-16786 · Apple · Swift-Nio-Http2
Name of the Vulnerable Software and Affected Versions: swift-nio-http2 versions 1.0.0 through 1.19.1 Description: A program using swift-nio-http2 is vulnerable to a denial of service attack caused by a network peer sending ALTSVC or ORIGIN frames. This attack is caused by a logical error after...
PT-2022-16784 · Apple · Swift-Nio-Http2
Name of the Vulnerable Software and Affected Versions: swift-nio-http2 versions 1.0.0 through 1.19.1 Description: A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This attack is caused by a logical erro...
Rocky Linux 8 : firefox (RLSA-2021:4123)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4123 advisory. - The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or...
AlmaLinux 8 : thunderbird (ALSA-2021:4130)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:4130 advisory. - The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigati...
AlmaLinux 8 : firefox (ALSA-2021:4123)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:4123 advisory. - The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigati...
swift-nio-http2 输入验证错误漏洞
swift-nio-http2 is a SwiftPM project that can be built and tested very easily. A security vulnerability exists in swift-nio-http2 that stems from the fact that programs using swift-nio-http2 are susceptible to a denial-of-service attack, which is caused by a network peer sending a specially craft...
openSUSE: Security Advisory for nodejs14 (openSUSE-SU-2021:1552-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE: Security Advisory for nextcloud (openSUSE-SU-2021:1602-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.4.10 on OpenJDK for OpenShift image security update
A new image is available for Red Hat Single Sign-On 7.4.10 on OpenJDK, running on OpenShift Container Platform 3.10 and 3.11, and 4.3. Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat Single Sign-On fo...
Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.4.10 security update
A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...