Lucene search
K

4 matches found

OSV
OSV
added 2026/04/10 12:31 p.m.3 views

GHSA-5568-6QCG-G7FX Apache ActiveMQ: Denial of Service via Out of Memory vulnerability

Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ. ActiveMQ NIO SSL transports do not correctly handle TLSv1.3 handshake KeyUpdates triggered by clients. This makes it possible for a client to rapidly trigger updates which causes...

7.5CVSS5.8AI score0.00896EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2024/12/12 8:0 a.m.6 views

TLS 1.3 client issue handling malicious server when not including a KSE and PSK extension

...

9.1CVSS7.3AI score0.00541EPSS
Exploits0
OSV
OSV
added 2024/04/08 2:15 p.m.6 views

AZL-40192 CVE-2024-2511 affecting package edk2 for versions less than 20240524git3e722403cd16-8

Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in...

5.9CVSS6.6AI score0.54026EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2019/05/07 4:19 a.m.6 views

httpd: mod_ssl: access control bypass when using per-location client certification authentication

A flaw was found in Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38. A bug in modssl, when using per-location client certificate verification with TLSv1.3, allowed a client supporting Post-Handshake Authentication to bypass configured access control restrictions. An attacker could perform vario...

7.5CVSS7.1AI score0.10508EPSS
Exploits0References6
Rows per page
Query Builder