7 matches found
ROOT-APP-GOBINARY-CVE-2026-35469 CVE-2026-35469 in rootio-github.com/moby/spdystream - Patched by Root
Root has patched CVE-2026-35469 in the rootio-github.com/moby/spdystream package for Root:Go. Multiple fixed versions available...
Security update for kubernetes1.28
This update for kubernetes1.28 fixes the following issues: Security fixes: CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265740. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to deni...
Security update for kubernetes1.23
This update for kubernetes1.23 fixes the following issues CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265740. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service...
CVE-2026-35469 affecting package containerized-data-importer for versions less than 1.62.0-4
CVE-2026-35469 affecting package containerized-data-importer for versions less than 1.62.0-4. A patched version of the package is available...
BELL-CVE-2026-35469
Bulletin has no description...
CVE-2026-35469
creationtimestamp| type| source ---|---|--- 2026-04-16 23:18:23+00:00| published-proof-of-concept| Telegram/x6U1CUbtpfWdw00zGhzow4OOkK7AiEHUVbiM6o3SMYH6zs0 2026-04-17 01:01:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjnpyepplx2f 2026-04-17 12:45:07+00:00| seen|...
CVE-2026-35469
A flaw was found in the SPDY streaming code used by Kubelet, CRI-O, and kube-apiserver. An attacker with specific cluster roles, such as those allowing access to pod port forwarding, execution, or attachment, or node proxying, could exploit this vulnerability. This could lead to a Denial of Servi...