MEDIUM🇵🇱 Wersja polska

CVE-2023-44386

CVSS 5.3v3.1pub. 2023-10-05upd. 2024-11-21

Vapor is an HTTP web framework for Swift. There is a denial of service vulnerability impacting all users of affected versions of Vapor. The HTTP1 error handler closed connections when HTTP parse errors occur instead of passing them on. The issue is fixed as of Vapor release 4.84.2.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  • Vapor

    APP
    Vapor
    4.83.2 – 4.84.2 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
DoS
CWE
References

Related vulnerabilities

CVE-2022-31019HIGH7.5ten sam produkt

Vapor is a server-side Swift HTTP web framework. When using automatic content decoding an attacker can craft a...

CVE-2022-31005HIGH7.5ten sam produkt

Vapor is an HTTP web framework for Swift. Users of Vapor prior to version 4.60.3 with FileMiddleware enabled a...

CVE-2024-21631MEDIUM6.5ten sam produkt

Vapor is an HTTP web framework for Swift. Prior to version 4.90.0, Vapor's `vapor_urlparser_parse` function us...

CVE-2021-37634HIGH7.4ten sam vendor

Leafkit is a templating language with Swift-inspired syntax. Versions prior to 1.3.0 are susceptible to Cross-...

CVE-2026-28499MEDIUM6.9ten sam vendor

LeafKit is a templating language with Swift-inspired syntax. Prior to version 1.14.2, HTML escaping doesn't wo...