Lucene search
+L

17 matches found

RedhatCVE
RedhatCVE
added 4 days ago7 views

CVE-2026-54428

A flaw was found in Apache HttpComponents Core. This vulnerability, located in the HTTP/2 HPACK decoder, allows a remote attacker to cause a denial of service. By sending oversized compressed header blocks, an attacker can exhaust memory resources before the system's configured header list size...

7.5CVSS6.1AI score0.00587EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/07/06 9:7 a.m.9 views

CVE-2026-54399

A flaw was found in Apache HttpComponents Core. This uncontrolled resource consumption vulnerability in the HTTP/1.1 message parser allows a remote attacker to cause a denial of service through memory exhaustion. This can be triggered by sending messages with an excessive number of headers or...

7.5CVSS5.9AI score0.00587EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2026-54399

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uncontrolled Resource Consumption vulnerability in the HTTP/1.1 message parser in Apache HttpComponents Core 5.4.2 and earlier, 5.5-beta1 and earlier allows an...

7.5CVSS6.2AI score0.00587EPSS
Exploits0References3
OSV
OSV
added 2026/07/01 6:16 p.m.6 views

DEBIAN-CVE-2026-54428

Allocation of resources without limits or throttling in the HTTP/2 HPACK decoder in Apache HttpComponents Core 5.4.2 and earlier, 5.5-beta1 and earlier allows an remote attacker to cause a denial of service through memory exhaustion by sending oversized compressed header blocks before the HTTP/2...

7.5CVSS5.8AI score0.00587EPSS
Exploits0References1
NVD
NVD
added 2026/07/01 6:16 p.m.12 views

CVE-2026-54428

Allocation of resources without limits or throttling in the HTTP/2 HPACK decoder in Apache HttpComponents Core 5.4.2 and earlier, 5.5-beta1 and earlier allows an remote attacker to cause a denial of service through memory exhaustion by sending oversized compressed header blocks before the HTTP/2...

7.5CVSS0.00587EPSS
Exploits0References2
NVD
NVD
added 2026/07/01 5:16 p.m.11 views

CVE-2026-54399

Uncontrolled Resource Consumption vulnerability in the HTTP/1.1 message parser in Apache HttpComponents Core 5.4.2 and earlier, 5.5-beta1 and earlier allows an remote attacker to cause a denial of service through memory exhaustion by sending messages with excessive number of headers / excessive...

7.5CVSS0.00587EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/01 5:3 p.m.6 views

CVE-2026-54428

Allocation of resources without limits or throttling in the HTTP/2 HPACK decoder in Apache HttpComponents Core 5.4.2 and earlier, 5.5-beta1 and earlier allows an remote attacker to cause a denial of service through memory exhaustion by sending oversized compressed header blocks before the HTTP/2...

7.5CVSS5.8AI score0.00587EPSS
Exploits0References2
OSV
OSV
added 2026/07/01 5:3 p.m.4 views

CVE-2026-54428 Apache HttpComponents Core: HPackDecoder Unlimited Header List Size Before SETTINGS ACK

Allocation of resources without limits or throttling in the HTTP/2 HPACK decoder in Apache HttpComponents Core 5.4.2 and earlier, 5.5-beta1 and earlier allows an remote attacker to cause a denial of service through memory exhaustion by sending oversized compressed header blocks before the HTTP/2...

7.5CVSS6AI score0.00587EPSS
Exploits0References5
OSV
OSV
added 2026/07/01 5:2 p.m.4 views

CVE-2026-54399 Apache HttpComponents Core: Unbounded HTTP Header/Line Length in Default Configuration

Uncontrolled Resource Consumption vulnerability in the HTTP/1.1 message parser in Apache HttpComponents Core 5.4.2 and earlier, 5.5-beta1 and earlier allows an remote attacker to cause a denial of service through memory exhaustion by sending messages with excessive number of headers / excessive...

7.5CVSS6AI score0.00587EPSS
Exploits0References5
CVE
CVE
added 2026/07/01 5:2 p.m.181 views

CVE-2026-54399

The CVE concerns Apache HttpComponents Core and a vulnerability in the HTTP/1.1 message parser causing memory exhaustion via an excessive number of headers or header length. Affected versions cited in public CVE records include 5.4.2 and earlier and 5.5-beta1 and earlier; a separate vendor-facing...

7.5CVSS5.8AI score0.00587EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/12/12 12:0 a.m.16 views

SUSE SLED15: httpcomponents-client / httpcomponents-client-cache / etc (SUSE-SU-2024:4036-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4036-1 advisory. httpcomponents-client: - Update to version 4.5.14 HTTPCLIENT-2206: Corrected resource de-allocation by...

5.3CVSS6.8AI score0.08665EPSS
Exploits1References4
SUSE Linux
SUSE Linux
added 2024/11/18 3:24 p.m.20 views

Security update for httpcomponents-client, httpcomponents-core

This update for httpcomponents-client, httpcomponents-core fixes the following issues: httpcomponents-client: - Update to version 4.5.14 HTTPCLIENT-2206: Corrected resource de-allocation by fluent response objects. HTTPCLIENT-2174: URIBuilder to return a new empty list instead of unmodifiable...

5.4CVSS7.3AI score0.08665EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2024/03/08 12:0 a.m.17 views

Fedora: Security Advisory for httpcomponents-core (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.2AI score0.02578EPSS
Exploits3References2
Rockylinux
Rockylinux
added 2023/05/25 7:53 p.m.42 views

maven bug fix and enhancement update

An update is available for plexus-interpolation, httpcomponents-core, maven-wagon, maven, google-guice, jsoup, jansi, apache-commons-io, apache-commons-lang3, maven-shared-utils, plexus-utils, plexus-classworlds, jakarta-annotations, httpcomponents-client, apache-commons-codec, plexus-cipher,...

6.6AI score
Exploits0
Rockylinux
Rockylinux
added 2022/05/17 6:38 a.m.12 views

new packages: httpcomponents-core

An update is available for httpcomponents-core. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rock...

2.2AI score
Exploits0
Rockylinux
Rockylinux
added 2022/05/10 8:4 a.m.44 views

maven:3.6 security and enhancement update

An update is available for apache-commons-io, atinject, jsr-305, maven-shared-utils, plexus-cipher, aopalliance, plexus-classworlds, guava, apache-commons-cli, plexus-containers, plexus-sec-dispatcher, httpcomponents-client, maven-resolver, apache-commons-lang3, plexus-interpolation, sisu,...

5.3CVSS6.2AI score0.08665EPSS
Exploits1
Rockylinux
Rockylinux
added 2021/05/18 6:21 a.m.22 views

3.6 bug fix and enhancement update

An update is available for apache-commons-io, atinject, jsr-305, maven-shared-utils, plexus-cipher, aopalliance, plexus-classworlds, guava, apache-commons-cli, plexus-containers, plexus-sec-dispatcher, httpcomponents-client, maven-resolver, apache-commons-lang3, plexus-interpolation, sisu,...

1.8AI score
Exploits0
Rows per page
Query Builder