Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2024-30156

Опубликовано: 24 мар. 2024
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 7.5

Описание

Varnish Cache before 7.3.2 and 7.4.x before 7.4.3 (and before 6.0.13 LTS), and Varnish Enterprise 6 before 6.0.12r6, allows credits exhaustion for an HTTP/2 connection control flow window, aka a Broke Window Attack.

РелизСтатусПримечание
devel

not-affected

esm-apps/bionic

not-affected

code not present
esm-apps/focal

not-affected

code not present
esm-apps/jammy

ignored

changes too intrusive
esm-apps/noble

ignored

changes too intrusive
esm-apps/xenial

not-affected

code not present
esm-infra-legacy/trusty

not-affected

code not present
focal

not-affected

code not present
jammy

ignored

changes too intrusive
mantic

ignored

end of life, was needs-triage

Показывать по

EPSS

Процентиль: 22%
0.00071
Низкий

7.5 High

CVSS3

Связанные уязвимости

CVSS3: 7.5
redhat
около 1 года назад

Varnish Cache before 7.3.2 and 7.4.x before 7.4.3 (and before 6.0.13 LTS), and Varnish Enterprise 6 before 6.0.12r6, allows credits exhaustion for an HTTP/2 connection control flow window, aka a Broke Window Attack.

CVSS3: 7.5
nvd
около 1 года назад

Varnish Cache before 7.3.2 and 7.4.x before 7.4.3 (and before 6.0.13 LTS), and Varnish Enterprise 6 before 6.0.12r6, allows credits exhaustion for an HTTP/2 connection control flow window, aka a Broke Window Attack.

CVSS3: 7.5
debian
около 1 года назад

Varnish Cache before 7.3.2 and 7.4.x before 7.4.3 (and before 6.0.13 L ...

rocky
около 1 года назад

Important: varnish security update

CVSS3: 7.5
github
около 1 года назад

Varnish Cache before 7.3.2 and 7.4.x before 7.4.3 (and before 6.0.13 LTS), and Varnish Enterprise 6 before 6.0.12r6, allows credits exhaustion for an HTTP/2 connection control flow window, aka a Broke Window Attack.

EPSS

Процентиль: 22%
0.00071
Низкий

7.5 High

CVSS3