GHSA-x477-xp89-wc9r

Опубликовано: 21 фев. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Hyperium Hyper before 0.14.19 does not allow for customization of the max_header_list_size method in the H2 third-party software, allowing attackers to perform HTTP2 attacks.

Ссылки

EPSS

Процентиль: 53%

0.003

Низкий

7.5 High

CVSS3

CVE ID

CVE-2022-31394

Дефекты

CWE-770

Связанные уязвимости

CVE-2022-31394

CVSS3: 7.5

ubuntu

почти 3 года назад

Hyperium Hyper before 0.14.19 does not allow for customization of the max_header_list_size method in the H2 third-party software, allowing attackers to perform HTTP2 attacks.

CVE-2022-31394

CVSS3: 7.5

nvd

почти 3 года назад

Hyperium Hyper before 0.14.19 does not allow for customization of the max_header_list_size method in the H2 third-party software, allowing attackers to perform HTTP2 attacks.

CVE-2022-31394

CVSS3: 7.5

msrc

почти 3 года назад

Описание отсутствует

CVE-2022-31394

CVSS3: 7.5

debian

почти 3 года назад

Hyperium Hyper before 0.14.19 does not allow for customization of the ...

SUSE-SU-2024:0090-1

suse-cvrf

около 2 лет назад

Security update for gstreamer-plugins-rs

EPSS

Процентиль: 53%

0.003

Низкий

7.5 High

CVSS3

CVE ID

CVE-2022-31394

Дефекты

CWE-770