CVE-2023-40534

When a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, and an iRule using the HTTPREQUEST event or Local Traffic Policy are associated with the virtual server, undisclosed requests can cause TMM to terminate. Note: Software versions which have reached...

CVE-2023-40534

CVE-2023-40534 affects F5 BIG-IP HTTP/2 in multiple branches. When a client-side HTTP/2 profile and the HTTP MRF Router option are enabled on a virtual server, and an iRule using HTTP_REQUEST or a Local Traffic Policy is attached, undisclosed requests can cause the Traffic Management Microkernel ...

PT-2023-6400 · F5 · Big-Ip

Name of the Vulnerable Software and Affected Versions: BIG-IP versions prior to the fixed version Description: The issue is related to errors in memory release, which can be exploited by a remote attacker to cause a denial of service. When a client-side HTTP/2 profile and the HTTP MRF Router opti...

K81557381: BIG-IP HTTP/2 vulnerability CVE-2019-6673

Security Advisory Description When the BIG-IP system is configured in HTTP/2 full proxy mode, specifically crafted requests may cause a disruption of service provided by the Traffic Management Microkernel TMM. CVE-2019-6673 Impact An attacker may be able to use a specifically crafted request to...

Design/Logic Flaw

On BIG-IP versions 17.0.x before 17.0.0.2 and 16.1.x before 16.1.3.3, and BIG-IP SPK starting in version 1.6.0, when a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note:...