Количество 94
Количество 94
ELSA-2024-9472
ELSA-2024-9472: grafana-pcp security update (IMPORTANT)
ELSA-2024-9456
ELSA-2024-9456: osbuild-composer security update (IMPORTANT)
ELSA-2024-8111
ELSA-2024-8111: skopeo security update (IMPORTANT)
ELSA-2024-8110
ELSA-2024-8110: containernetworking-plugins security update (IMPORTANT)
ELSA-2024-7204
ELSA-2024-7204: osbuild-composer security update (IMPORTANT)
ELSA-2024-7136
ELSA-2024-7136: git-lfs security update (IMPORTANT)
ELSA-2024-7135
ELSA-2024-7135: git-lfs security update (IMPORTANT)
ELSA-2024-6947
ELSA-2024-6947: grafana security update (IMPORTANT)
ELSA-2024-6946
ELSA-2024-6946: grafana-pcp security update (IMPORTANT)
ELSA-2024-11217
ELSA-2024-11217: skopeo security update (IMPORTANT)
ELSA-2024-11216
ELSA-2024-11216: containernetworking-plugins security update (MODERATE)
BDU:2024-07025
Уязвимость функции Decoder.Decode языка программирования Go, позволяющая нарушителю вызвать отказ в обслуживании
RLSA-2024:7262
Important: osbuild-composer security update
ELSA-2024-9473
ELSA-2024-9473: grafana security update (IMPORTANT)
ELSA-2024-7262
ELSA-2024-7262: osbuild-composer security update (IMPORTANT)
CVE-2024-24791
The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.
CVE-2024-24791
The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.
CVE-2024-24791
The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.
CVE-2024-24791
The net/http HTTP/1.1 client mishandled the case where a server respon ...
SUSE-SU-2024:2309-1
Security update for go1.22
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| ELSA-2024-9472 ELSA-2024-9472: grafana-pcp security update (IMPORTANT) | 7 месяцев назад | ||
| ELSA-2024-9456 ELSA-2024-9456: osbuild-composer security update (IMPORTANT) | 7 месяцев назад | ||
| ELSA-2024-8111 ELSA-2024-8111: skopeo security update (IMPORTANT) | 8 месяцев назад | ||
| ELSA-2024-8110 ELSA-2024-8110: containernetworking-plugins security update (IMPORTANT) | 8 месяцев назад | ||
| ELSA-2024-7204 ELSA-2024-7204: osbuild-composer security update (IMPORTANT) | 9 месяцев назад | ||
| ELSA-2024-7136 ELSA-2024-7136: git-lfs security update (IMPORTANT) | 9 месяцев назад | ||
| ELSA-2024-7135 ELSA-2024-7135: git-lfs security update (IMPORTANT) | 9 месяцев назад | ||
| ELSA-2024-6947 ELSA-2024-6947: grafana security update (IMPORTANT) | 9 месяцев назад | ||
| ELSA-2024-6946 ELSA-2024-6946: grafana-pcp security update (IMPORTANT) | 9 месяцев назад | ||
| ELSA-2024-11217 ELSA-2024-11217: skopeo security update (IMPORTANT) | 6 месяцев назад | ||
| ELSA-2024-11216 ELSA-2024-11216: containernetworking-plugins security update (MODERATE) | 6 месяцев назад | ||
 | BDU:2024-07025 Уязвимость функции Decoder.Decode языка программирования Go, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.5 | 0% Низкий | 10 месяцев назад |
 | RLSA-2024:7262 Important: osbuild-composer security update | 9 месяцев назад | ||
| ELSA-2024-9473 ELSA-2024-9473: grafana security update (IMPORTANT) | 7 месяцев назад | ||
| ELSA-2024-7262 ELSA-2024-7262: osbuild-composer security update (IMPORTANT) | 9 месяцев назад | ||
 | CVE-2024-24791 The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail. | CVSS3: 7.5 | 0% Низкий | 12 месяцев назад |
 | CVE-2024-24791 The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail. | CVSS3: 5.9 | 0% Низкий | 12 месяцев назад |
 | CVE-2024-24791 The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail. | CVSS3: 7.5 | 0% Низкий | 12 месяцев назад |
| CVE-2024-24791 The net/http HTTP/1.1 client mishandled the case where a server respon ... | CVSS3: 7.5 | 0% Низкий | 12 месяцев назад |
 | SUSE-SU-2024:2309-1 Security update for go1.22 | 0% Низкий | 12 месяцев назад |
Уязвимостей на страницу