Количество 86
Количество 86
RLSA-2024:9102
Moderate: podman security update
ELSA-2024-9102
ELSA-2024-9102: podman security update (MODERATE)
SUSE-SU-2024:3360-1
Security update for container-suseconnect
ELSA-2024-9097
ELSA-2024-9097: buildah security update (MODERATE)
ELSA-2024-9115
ELSA-2024-9115: grafana security update (MODERATE)
ELSA-2024-9098
ELSA-2024-9098: skopeo security update (MODERATE)
ROS-20240826-20
Множественные уязвимости stolon
CVE-2024-24791
The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.
CVE-2024-24791
The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.
CVE-2024-24791
The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.
CVE-2024-24791
Denial of service due to improper 100-continue handling in net/http
CVE-2024-24791
The net/http HTTP/1.1 client mishandled the case where a server respon ...
SUSE-SU-2024:3755-1
Security update for go1.21-openssl
SUSE-SU-2024:3089-1
Security update for go1.21-openssl
SUSE-SU-2024:3938-1
Security update for go1.22-openssl
SUSE-SU-2024:3772-1
Security update for go1.22-openssl
SUSE-SU-2024:2309-1
Security update for go1.22
SUSE-SU-2024:2308-1
Security update for go1.21
SUSE-SU-2024:2295-1
Security update for go1.22
SUSE-SU-2024:2294-1
Security update for go1.21
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | RLSA-2024:9102 Moderate: podman security update | 7 месяцев назад | ||
| ELSA-2024-9102 ELSA-2024-9102: podman security update (MODERATE) | 11 месяцев назад | ||
 | SUSE-SU-2024:3360-1 Security update for container-suseconnect | около 1 года назад | ||
| ELSA-2024-9097 ELSA-2024-9097: buildah security update (MODERATE) | 11 месяцев назад | ||
| ELSA-2024-9115 ELSA-2024-9115: grafana security update (MODERATE) | 11 месяцев назад | ||
| ELSA-2024-9098 ELSA-2024-9098: skopeo security update (MODERATE) | 11 месяцев назад | ||
 | ROS-20240826-20 Множественные уязвимости stolon | CVSS3: 7.5 | около 1 года назад | |
 | CVE-2024-24791 The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail. | CVSS3: 7.5 | 1% Низкий | больше 1 года назад |
 | CVE-2024-24791 The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail. | CVSS3: 5.9 | 1% Низкий | больше 1 года назад |
 | CVE-2024-24791 The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail. | CVSS3: 7.5 | 1% Низкий | больше 1 года назад |
 | CVE-2024-24791 Denial of service due to improper 100-continue handling in net/http | CVSS3: 7.5 | 1% Низкий | около 2 месяцев назад |
| CVE-2024-24791 The net/http HTTP/1.1 client mishandled the case where a server respon ... | CVSS3: 7.5 | 1% Низкий | больше 1 года назад |
| SUSE-SU-2024:3755-1 Security update for go1.21-openssl | 12 месяцев назад | ||
| SUSE-SU-2024:3089-1 Security update for go1.21-openssl | около 1 года назад | ||
| SUSE-SU-2024:3938-1 Security update for go1.22-openssl | 12 месяцев назад | ||
| SUSE-SU-2024:3772-1 Security update for go1.22-openssl | 12 месяцев назад | ||
| SUSE-SU-2024:2309-1 Security update for go1.22 | 1% Низкий | больше 1 года назад | |
| SUSE-SU-2024:2308-1 Security update for go1.21 | 1% Низкий | больше 1 года назад | |
| SUSE-SU-2024:2295-1 Security update for go1.22 | 1% Низкий | больше 1 года назад | |
| SUSE-SU-2024:2294-1 Security update for go1.21 | 1% Низкий | больше 1 года назад |
Уязвимостей на страницу