Lucene search
K

363 matches found

RedHat Linux
RedHat Linux
added 2023/11/08 2:26 p.m.5 views

golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RSTSTREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...

7.5CVSS6.7AI score0.99999EPSS
Exploits19References9
RedHat Linux
RedHat Linux
added 2023/11/08 8:43 a.m.44 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.13.21 bug fix and security update

Red Hat OpenShift Container Platform release 4.13.21 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...

7.5CVSS7.1AI score0.03796EPSS
Exploits0References17
RedHat Linux
RedHat Linux
added 2023/11/08 8:40 a.m.33 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.13.21 security and extras update

Red Hat OpenShift Container Platform release 4.13.21 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of...

7.5CVSS7.1AI score0.03796EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2023/11/08 1:37 a.m.49 views

Important: Red Hat Security Advisory: Machine Deletion Remediation Operator 0.2.1 security update

This is an updated version for the machine-deletion-remediation-operator-bundle-container and the machine-deletion-remediation-operator-container. It is now available for Machine Deletion Remediation 0.2 for RHEL 8. Red Hat Product Security has rated this update as having a security impact of...

7.5CVSS7AI score0.99999EPSS
Exploits19References4
RedHat Linux
RedHat Linux
added 2023/11/08 1:10 a.m.9 views

HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RSTSTREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...

7.5CVSS6.7AI score0.99999EPSS
Exploits19References10
RedHat Linux
RedHat Linux
added 2023/11/08 1:10 a.m.3 views

HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RSTSTREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...

7.5CVSS6.7AI score0.99999EPSS
Exploits19References10
RedHat Linux
RedHat Linux
added 2023/11/08 1:10 a.m.4 views

golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RSTSTREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...

7.5CVSS6.7AI score0.99999EPSS
Exploits19References9
RedHat Linux
RedHat Linux
added 2023/11/08 12:57 a.m.58 views

Important: Red Hat Security Advisory: Red Hat OpenShift Pipelines Operator security update

An update is now available for OpenShift-Pipelines-1.11-RHEL-8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

7.5CVSS7.1AI score0.99999EPSS
Exploits19References6
RedHat Linux
RedHat Linux
added 2023/11/07 10:27 a.m.3 views

HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RSTSTREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...

7.5CVSS6.7AI score0.99999EPSS
Exploits19References10
RedHat Linux
RedHat Linux
added 2023/11/07 10:7 a.m.3 views

HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RSTSTREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...

7.5CVSS6.7AI score0.99999EPSS
Exploits19References10
RedHat Linux
RedHat Linux
added 2023/11/07 9:5 a.m.3 views

HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RSTSTREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...

7.5CVSS6.7AI score0.99999EPSS
Exploits19References10
OpenVAS
OpenVAS
added 2023/11/07 12:0 a.m.31 views

SUSE: Security Advisory (SUSE-SU-2023:4374-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.5AI score0.99999EPSS
Exploits19References7
RedHat Linux
RedHat Linux
added 2023/11/06 11:24 a.m.59 views

Important: Red Hat Security Advisory: Migration Toolkit for Applications security update

An update is now available for MTA-6.1-RHEL-8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

7.5CVSS7.1AI score0.99999EPSS
Exploits19References4
OSV
OSV
added 2023/11/06 10:13 a.m.15 views

SUSE-SU-2023:4374-1 Security update for nodejs12

This update for nodejs12 fixes the following issues: - CVE-2023-44487: Fixed the Rapid Reset attack in nghttp2. bsc1216190 - CVE-2023-38552: Fixed an integrity checks according to policies that could be circumvented. bsc1216272...

7.5CVSS7.8AI score0.99999EPSS
Exploits19References5
RedHat Linux
RedHat Linux
added 2023/11/03 8:48 a.m.5 views

golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RSTSTREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...

7.5CVSS6.7AI score0.99999EPSS
Exploits19References9
RedHat Linux
RedHat Linux
added 2023/11/03 8:48 a.m.3 views

HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RSTSTREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...

7.5CVSS6.7AI score0.99999EPSS
Exploits19References10
RedHat Linux
RedHat Linux
added 2023/11/02 3:29 p.m.53 views

Important: Red Hat Security Advisory: Red Hat Data Grid 7.3.11 security update

An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

7.5CVSS7AI score0.99999EPSS
Exploits19References5
RedHat Linux
RedHat Linux
added 2023/11/02 3:29 p.m.11 views

HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RSTSTREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...

7.5CVSS6.7AI score0.99999EPSS
Exploits19References10
RedHat Linux
RedHat Linux
added 2023/11/02 10:25 a.m.67 views

Important: Red Hat Security Advisory: Migration Toolkit for Applications security and bug fix update

Migration Toolkit for Applications 6.2.1 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

7.5CVSS7.1AI score0.99999EPSS
Exploits19References5
RedHat Linux
RedHat Linux
added 2023/11/01 2:8 p.m.5 views

golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RSTSTREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...

7.5CVSS6.7AI score0.99999EPSS
Exploits19References9
Rows per page
Query Builder