Описание
HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2.4.58-1ubuntu8.1 |
| esm-infra-legacy/trusty | needs-triage | |
| esm-infra/bionic | released | 2.4.29-1ubuntu4.27+esm2 |
| esm-infra/focal | not-affected | 2.4.41-4ubuntu3.17 |
| esm-infra/xenial | released | 2.4.18-2ubuntu3.17+esm12 |
| focal | released | 2.4.41-4ubuntu3.17 |
| jammy | released | 2.4.52-1ubuntu4.9 |
| mantic | released | 2.4.57-2ubuntu2.4 |
| noble | released | 2.4.58-1ubuntu8.1 |
| oracular | released | 2.4.58-1ubuntu8.1 |
Показывать по
EPSS
7.5 High
CVSS3
Связанные уязвимости
HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.
HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.
HTTP/2 incoming headers exceeding the limit are temporarily buffered i ...
EPSS
7.5 High
CVSS3