Lucene search
+L

16 matches found

RedHat Linux
RedHat Linux
added 2026/07/09 3:29 p.m.3 views

micrometer-core: micrometer-jetty11: micrometer-jetty12: Micrometer: Denial of Service via specially crafted HTTP requests

A flaw was found in Micrometer. A remote attacker can provide specially crafted HTTP requests, which may lead to a denial-of-service DoS condition. This vulnerability allows an attacker to disrupt the availability of the affected system...

7.5CVSS5.9AI score0.00623EPSS
Exploits0References5
Snyk
Snyk
added 2026/06/09 6:34 a.m.7 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the gRPC server instrumentation. An attacker can cause service disruption by sending specially crafted gRPC requests. Note: This issue is exploitable if an ObservationRegistry is...

8.7CVSS5.4AI score0.00474EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 5:16 a.m.13 views

CVE-2026-40984

In Micrometer, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Affected versions: micrometer-core 1.16.0 through 1.16.5; 1.15.0 through 1.15.11; 1.14.0 through 1.14.15; 1.13.0 through 1.13.18; 1.9.0 through 1.9.17...

7.5CVSS0.00623EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/09 3:47 a.m.19 views

EUVD-2026-35320

In Micrometer, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Affected versions: micrometer-core 1.16.0 through 1.16.5; 1.15.0 through 1.15.11; 1.14.0 through 1.14.15; 1.13.0 through 1.13.18; 1.9.0 through 1.9.17...

7.5CVSS5.4AI score0.00623EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 3:47 a.m.118 views

CVE-2026-40984

CVE-2026-40984 details (from provided sources): Affects Micrometer HTTP server instrumentations across micrometer-core and micrometer-jetty variants (various versions listed in the initial entry). The vulnerability is a DoS triggered by specially crafted HTTP requests. The CVSS v3.1 base score is...

7.5CVSS5.4AI score0.00623EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.19 views

PT-2026-47643

Name of the Vulnerable Software and Affected Versions micrometer-core versions 1.16.0 through 1.16.5 micrometer-core versions 1.15.0 through 1.15.11 micrometer-core versions 1.14.0 through 1.14.15 micrometer-core versions 1.13.0 through 1.13.18 micrometer-core versions 1.9.0 through 1.9.17...

7.5CVSS5.8AI score0.00623EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

VMware Micrometer 资源管理错误漏洞

VMware Micrometer is an application monitoring metric collection framework developed by the American company VMware. There is a resource management vulnerability in VMware Micrometer; this vulnerability stems from the ability for users to submit custom HTTP requests, which may lead to denial of...

7.5CVSS5.4AI score0.00623EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/08 12:0 a.m.12 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via HTTP server metrics instrumentation in Micrometer. An attacker can cause denial of service by sending specially crafted HTTP requests that trigger excessive resource consumption...

8.2CVSS5.5AI score0.00623EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-34053

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS...

7.5CVSS7AI score0.0115EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2023/11/28 1:28 p.m.70 views

CVE-2023-34053

In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...

7.5CVSS7.3AI score0.0115EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2023/11/28 9:30 a.m.59 views

Spring Framework vulnerable to denial of service

In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...

7.5CVSS7AI score0.0115EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2023/11/28 9:30 a.m.4 views

GHSA-V94H-HVHG-MF9H Spring Framework vulnerable to denial of service

In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...

7.5CVSS6.4AI score0.0115EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2023/11/28 9:15 a.m.53 views

CVE-2023-34053

In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...

7.5CVSS6.8AI score0.0115EPSS
Exploits0References2
OSV
OSV
added 2023/11/28 9:15 a.m.25 views

UBUNTU-CVE-2023-34053

In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...

7.5CVSS6.8AI score0.0115EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2023/11/28 8:10 a.m.40 views

CVE-2023-34053

In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...

7.5CVSS6.8AI score0.0115EPSS
Exploits0
OSV
OSV
added 2023/11/28 8:10 a.m.15 views

CVE-2023-34053 Spring Framework server Web Observations DoS Vulnerability

In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...

5.3CVSS7AI score0.0115EPSS
Exploits0References4
Rows per page
Query Builder