The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.Read M ...
Continue Reading
December 15, 2023
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net. ...
Continue Reading
December 15, 2023
swift-nio-http2 is vulnerable to a denial-of-service vulnerability in which a malicious client can create and then reset a large number of HTTP/2 streams in a short period of time. This causes swift-n ...
Continue Reading
December 15, 2023
Lack of error handling in the TCP server in Google's gRPC starting version 1.23 on posix-compatible platforms (ex. Linux) allows an attacker to cause a denial of service by initiating a significant nu ...
Continue Reading
December 15, 2023
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
Continue Reading
December 15, 2023
Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other cl ...
Continue Reading
December 15, 2023
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12781 advisory. - Envoy is an open source edge and service proxy de ...
Continue Reading
December 15, 2023
A flaw was found in gRPC. Lack of error handling in the TCP server in Google's gRPC, starting in version 1.23 on POSIX-compatible platforms (for example, Linux), allows an attacker to cause a denial o ...
Continue Reading
December 15, 2023
Back to Main
