HIGH🇬🇧 English

CVE-2023-26964

CVSS 7.5v3.1pub. 2023-04-11upd. 2025-02-11

An issue was discovered in hyper v0.13.7. h2-0.2.4 Stream stacking occurs when the H2 component processes HTTP2 RST_STREAM frames. As a result, the memory and CPU usage are high which can lead to a Denial of Service (DoS).

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Hyper H2

    APP
    Hyper
    0.2.4
  • Hyper

    APP
    Hyper
    0.13.7
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
DoS
CWE
Referencje

Powiązane podatności

CVE-2020-35863CRITICAL9.8ten sam produkt

An issue was discovered in the hyper crate before 0.12.34 for Rust. HTTP request smuggling can occur. Remote c...

CVE-2022-31394HIGH7.5ten sam produkt

Hyperium Hyper before 0.14.19 does not allow for customization of the max_header_list_size method in the H2 th...

CVE-2021-32714MEDIUM5.9ten sam produkt

hyper is an HTTP library for Rust. In versions prior to 0.14.10, hyper's HTTP server and client code had a fla...

CVE-2021-21299MEDIUM4.8ten sam produkt

hyper is an open-source HTTP library for Rust (crates.io). In hyper from version 0.12.0 and before versions 0....

CVE-2016-10932MEDIUM4.8ten sam produkt

An issue was discovered in the hyper crate before 0.9.4 for Rust on Windows. There is an HTTPS man-in-the-midd...