CVE-2022-31394

Опубликовано: 21 фев. 2023

Источник: ubuntu

Приоритет: medium

CVSS3: 7.5

Описание

Hyperium Hyper before 0.14.19 does not allow for customization of the max_header_list_size method in the H2 third-party software, allowing attackers to perform HTTP2 attacks.

Релиз	Статус	Примечание
bionic	DNE
devel	not-affected
esm-apps/focal	not-affected
esm-apps/noble	not-affected
focal	ignored	end of standard support, was needs-triage
jammy	DNE
kinetic	not-affected	0.14.19-1
lunar	not-affected
mantic	not-affected
noble	not-affected

Показывать по

Ссылки на источники

7.5 High

CVSS3

Связанные уязвимости

CVE-2022-31394

CVSS3: 7.5

nvd

почти 3 года назад

Hyperium Hyper before 0.14.19 does not allow for customization of the max_header_list_size method in the H2 third-party software, allowing attackers to perform HTTP2 attacks.

CVE-2022-31394

CVSS3: 7.5

msrc

почти 3 года назад

Описание отсутствует

CVE-2022-31394

CVSS3: 7.5

debian

почти 3 года назад

Hyperium Hyper before 0.14.19 does not allow for customization of the ...

SUSE-SU-2024:0090-1

suse-cvrf

около 2 лет назад

Security update for gstreamer-plugins-rs

GHSA-x477-xp89-wc9r

CVSS3: 7.5

github

почти 3 года назад

Hyperium Hyper before 0.14.19 does not allow for customization of the max_header_list_size method in the H2 third-party software, allowing attackers to perform HTTP2 attacks.

7.5 High

CVSS3

CVE-2022-31394

Описание

Пакет rust-hyper

Ссылки на источники

Связанные уязвимости