CVE-2026-13474

The CVE-2026-13474 vulnerability affects NetScaler ADC and NetScaler Gateway when HTTP/2 is enabled in an HTTP Profile and tied to a virtual server (LB, CS, VPN) or its service. It allows denial of service via malformed HTTP/2 requests, impacting availability. CVSS v4.0 base score 8.7 (HIGH) with...

RHCOS 4 : OpenShift Container Platform 4.4.3 haproxy (RHSA-2020:1936)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1936 advisory. - haproxy: HTTP request smuggling issue with transfer-encoding header containing an obfuscated chunked value CVE-2019-18277 - haprox...

tomcat: http/2 "MadeYouReset" DoS attack through HTTP/2 control frames

A flaw was found in Apache Tomcat where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream...