Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:37 p.m.8 views

CVE-2023-50247

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. The QUIC stack quicly, as used by H2O up to commit 43f86e5 in version 2.3.0-beta and prior, is susceptible to a state exhaustion attack. When H2O is serving HTTP/3, a remote attacker can exploit this vulnerability to progressivel...

7.5CVSS6.8AI score0.00857EPSS
Exploits0References1
Slackware Linux
Slackware Linux
added 2025/11/19 11:35 p.m.9 views

[slackware-security] openvpn

New openvpn packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/openvpn-2.6.16-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: Fix memcmp check for the hmac verification in the...

8.2CVSS6.9AI score0.00621EPSS
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-55065

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00857EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2023/12/12 8:15 p.m.24 views

CVE-2023-50247

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. The QUIC stack quicly, as used by H2O up to commit 43f86e5 in version 2.3.0-beta and prior, is susceptible to a state exhaustion attack. When H2O is serving HTTP/3, a remote attacker can exploit this vulnerability to progressivel...

5CVSS7.1AI score0.00857EPSS
Exploits0
Cvelist
Cvelist
added 2023/12/12 7:56 p.m.39 views

CVE-2023-50247 h2o QUIC state exhaustion DoS

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. The QUIC stack quicly, as used by H2O up to commit 43f86e5 in version 2.3.0-beta and prior, is susceptible to a state exhaustion attack. When H2O is serving HTTP/3, a remote attacker can exploit this vulnerability to progressivel...

3.7CVSS7.7AI score0.00857EPSS
Exploits0References2
CVE
CVE
added 2023/12/12 7:56 p.m.56 views

CVE-2023-50247

The CVE-2023-50247 issue affects the h2o HTTP server (HTTP/1.x, HTTP/2, HTTP/3) where the QUIC stack (quicly), used in versions up to 2.3.0-beta, can trigger a state-exhaustion DoS when serving HTTP/3. The underlying cause is memory growth in the QUIC stack, which may lead to memory exhaustion an...

7.5CVSS5.6AI score0.00857EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/12/12 7:56 p.m.31 views

CVE-2023-50247 h2o QUIC state exhaustion DoS

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. The QUIC stack quicly, as used by H2O up to commit 43f86e5 in version 2.3.0-beta and prior, is susceptible to a state exhaustion attack. When H2O is serving HTTP/3, a remote attacker can exploit this vulnerability to progressivel...

3.7CVSS7.4AI score0.00857EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2023/12/12 7:56 p.m.21 views

CVE-2023-50247

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. The QUIC stack quicly, as used by H2O up to commit 43f86e5 in version 2.3.0-beta and prior, is susceptible to a state exhaustion attack. When H2O is serving HTTP/3, a remote attacker can exploit this vulnerability to progressivel...

7.5CVSS7.5AI score0.00857EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.4 views

DNS cache servers resource consumption by TCP SYN_SENT states

Overview DNS cache servers consume huge resources for communication with DNS authoritative servers in the following situation. 1 a user sends a query to the DNS cache server 2 the DNS cache server sends a UDP query to an authoritative server 3 when the authoritative server finds that the reply...

5CVSS7AI score
Exploits0References3
Rows per page
Query Builder