Lucene search
K

4 matches found

AlpineLinux
AlpineLinux
added 2026/06/26 1:14 a.m.8 views

CVE-2026-48619

A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Out of Memory error on the client. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

7.5CVSS6.7AI score0.00656EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/07/15 4:12 p.m.4 views

golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS

A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service DoS attack...

7.5CVSS7.2AI score0.91969EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2024/04/23 12:34 p.m.5 views

Mozilla: Denial of Service using HTTP/2 CONTINUATION frames

The Mozilla Foundation Security Advisory describes this flaw as: There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of Memory condition in the browser...

3.7CVSS7.3AI score0.00759EPSS
Exploits0References6
CNVD
CNVD
added 2019/10/23 12:0 a.m.4 views

Apache Traffic Server HTTP/2 Input Validation Error Vulnerability

Apache Traffic Server ATS is the United States Apache Apache Software Foundation's set of scalable HTTP proxy and caching server. A security vulnerability exists in Apache Traffic Server versions prior to 7.1.7 and 8.0.4. The vulnerability stems from Apache Traffic Server not limiting the number ...

7.5CVSS6.7AI score0.04561EPSS
Exploits0References1
Rows per page
Query Builder