Количество 20
Количество 20
GHSA-w6v5-q8c8-52xx
Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both.
CVE-2019-9517
Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both.
CVE-2019-9517
Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both.
CVE-2019-9517
Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both.
CVE-2019-9517
Some HTTP/2 implementations are vulnerable to unconstrained interal da ...
ELSA-2019-2893
ELSA-2019-2893: httpd:2.4 security update (IMPORTANT)
BDU:2019-03780
Уязвимость реализации сетевого протокола HTTP/2 веб-сервера Apache HTTP Server, связанная с неконтролируемым расходом ресурса, позволяющая нарушителю раскрыть защищаемую информацию
BDU:2019-03647
Уязвимость сетевого протокола HTTP/2 веб-сервера Apache Traffic Server, программной платформы Node.js, связанная с недостатком механизма контроля расхода ресурсов, позволяющая нарушителю вызвать отказ в обслуживании
SUSE-SU-2019:2329-1
Security update for apache2
openSUSE-SU-2019:2051-1
Security update for apache2
SUSE-SU-2019:2237-1
Security update for apache2
openSUSE-SU-2019:2115-1
Security update for nodejs8
openSUSE-SU-2019:2114-1
Security update for nodejs10
SUSE-SU-2019:2260-1
Security update for nodejs8
SUSE-SU-2019:2259-1
Security update for nodejs10
SUSE-SU-2019:2254-1
Security update for nodejs10
ELSA-2019-2925
ELSA-2019-2925: nodejs:10 security update (IMPORTANT)
SUSE-SU-2020:0059-1
Security update for nodejs12
RLSA-2019:2925
Important: nodejs:10 security update
SUSE-SU-2019:14246-1
Security update for Mozilla Firefox
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-w6v5-q8c8-52xx Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both. | CVSS3: 7.5 | 5% Низкий | около 3 лет назад |
 | CVE-2019-9517 Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both. | CVSS3: 7.5 | 5% Низкий | почти 6 лет назад |
 | CVE-2019-9517 Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both. | CVSS3: 7.5 | 5% Низкий | почти 6 лет назад |
 | CVE-2019-9517 Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both. | CVSS3: 7.5 | 5% Низкий | почти 6 лет назад |
| CVE-2019-9517 Some HTTP/2 implementations are vulnerable to unconstrained interal da ... | CVSS3: 7.5 | 5% Низкий | почти 6 лет назад |
| ELSA-2019-2893 ELSA-2019-2893: httpd:2.4 security update (IMPORTANT) | больше 5 лет назад | ||
 | BDU:2019-03780 Уязвимость реализации сетевого протокола HTTP/2 веб-сервера Apache HTTP Server, связанная с неконтролируемым расходом ресурса, позволяющая нарушителю раскрыть защищаемую информацию | CVSS3: 7.5 | 5% Низкий | около 6 лет назад |
| BDU:2019-03647 Уязвимость сетевого протокола HTTP/2 веб-сервера Apache Traffic Server, программной платформы Node.js, связанная с недостатком механизма контроля расхода ресурсов, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.5 | 5% Низкий | около 6 лет назад |
 | SUSE-SU-2019:2329-1 Security update for apache2 | почти 6 лет назад | ||
| openSUSE-SU-2019:2051-1 Security update for apache2 | почти 6 лет назад | ||
| SUSE-SU-2019:2237-1 Security update for apache2 | почти 6 лет назад | ||
| openSUSE-SU-2019:2115-1 Security update for nodejs8 | почти 6 лет назад | ||
| openSUSE-SU-2019:2114-1 Security update for nodejs10 | почти 6 лет назад | ||
| SUSE-SU-2019:2260-1 Security update for nodejs8 | почти 6 лет назад | ||
| SUSE-SU-2019:2259-1 Security update for nodejs10 | почти 6 лет назад | ||
| SUSE-SU-2019:2254-1 Security update for nodejs10 | почти 6 лет назад | ||
| ELSA-2019-2925 ELSA-2019-2925: nodejs:10 security update (IMPORTANT) | больше 5 лет назад | ||
| SUSE-SU-2020:0059-1 Security update for nodejs12 | больше 5 лет назад | ||
 | RLSA-2019:2925 Important: nodejs:10 security update | больше 5 лет назад | ||
| SUSE-SU-2019:14246-1 Security update for Mozilla Firefox | больше 5 лет назад |
Уязвимостей на страницу