CVE-2022-0618

A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This vulnerability is caused by a logical error when parsing a HTTP/2 HEADERS or HTTP/2 PUSHPROMISE frame where the frame contains padding information...

EUVD-2025-29531

Malicious code in bioql PyPI...

EUVD-2023-1634

Malicious code in bioql PyPI...

EUVD-2023-1597

Malicious code in bioql PyPI...

EUVD-2023-1524

Malicious code in bioql PyPI...

swift-nio-http2 affected by HTTP/2 MadeYouReset vulnerability

The HTTP/2 MadeYouReset vulnerability has a mild effect on swift-nio-http2. swift-nio-http2 mostly protects against MadeYouReset by using a number of existing denial-of-service prevention patterns that we added in response to the RapidReset vulnerabilities. The result is that servers are not...

GHSA-XVR7-P2C6-J83W swift-nio-http2 affected by HTTP/2 MadeYouReset vulnerability

The HTTP/2 MadeYouReset vulnerability has a mild effect on swift-nio-http2. swift-nio-http2 mostly protects against MadeYouReset by using a number of existing denial-of-service prevention patterns that we added in response to the RapidReset vulnerabilities. The result is that servers are not...

PT-2025-34542 · Swifturl · Github.Com/Apple/Swift-Nio-Http2

The HTTP/2 MadeYouReset vulnerability has a mild effect on swift-nio-http2. swift-nio-http2 mostly protects against MadeYouReset by using a number of existing denial-of-service prevention patterns that we added in response to the RapidReset vulnerabilities. The result is that servers are not...

CVE-2022-24667

A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HPACK-encoded header block. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. There are a number of implementation errors in the parsing of...

CVE-2022-24666

A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. This vulnerability is caused by a logical error when parsing a HTTP/2 HEADERS fram...

CVE-2022-24668

A program using swift-nio-http2 is vulnerable to a denial of service attack caused by a network peer sending ALTSVC or ORIGIN frames. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. This vulnerability is caused by a logical error after frame parsing but before frame handlin...

HTTP/2 Stream Cancellation Attack

HTTP/2 Rapid reset attack The HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RSTSTREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The clie...

Denial of Service (DoS)

Overview apple/swift-nio-http2 is a HTTP/2 support for SwiftNIO. Affected versions of this package are vulnerable to Denial of Service DoS in the implementation of the HTTP/2 protocol. An attacker can cause a denial of service including via DDoS by rapidly resetting many streams through request...

HTTP/2 Stream Cancellation Attack

HTTP/2 Rapid reset attack The HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RSTSTREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The clie...

GHSA-3MWQ-H3G6-FFHM Vapor's incorrect request error handling triggers server crash

Vapor incorrectly handles errors encountered during parsing of HTTP 1.x requests, triggering a precondition failure in swift-nio due to API misuse and causing immediate termination of the server process. Impact This is a denial of service vulnerability, impacting all users of affected versions of...

Improper Handling of Exceptional Conditions

Overview vapor/vapor is an a server-side Swift HTTP web framework. Affected versions of this package are vulnerable to Improper Handling of Exceptional Conditions due to the incorrect handling of HTTP 1.x request parsing errors, an attacker can trigger a precondition failure in swift-nio by...

Vapor's incorrect request error handling triggers server crash

Vapor incorrectly handles errors encountered during parsing of HTTP 1.x requests, triggering a precondition failure in swift-nio due to API misuse and causing immediate termination of the server process. Impact This is a denial of service vulnerability, impacting all users of affected versions of...

Vapor's incorrect request error handling triggers server crash

Vapor incorrectly handles errors encountered during parsing of HTTP 1.x requests, triggering a precondition failure in swift-nio due to API misuse and causing immediate termination of the server process...

GHSA-Q36X-R5X4-H4Q6 Denial of service via HTTP/2 HEADERS frames padding

A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.2. It is fixed in 1.20.0 and later releases. This vulnerability is caused by a logica...

Denial of service via HTTP/2 HEADERS frames padding

A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.2. It is fixed in 1.20.0 and later releases. This vulnerability is caused by a logica...