VYPR
High severity7.5CISA KEVNVD Advisory· Published Oct 10, 2023· Updated May 12, 2026

CVE-2023-44487

CVE-2023-44487

Description

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/apple/swift-nio-http2SwiftURL
< 1.28.01.28.0
golang.org/x/netGo
< 0.17.00.17.0
org.apache.tomcat:tomcat-coyoteMaven
>= 11.0.0-M1, < 11.0.0-M1211.0.0-M12
org.apache.tomcat:tomcat-coyoteMaven
>= 10.0.0, < 10.1.1410.1.14
org.apache.tomcat:tomcat-coyoteMaven
>= 9.0.0, < 9.0.819.0.81
org.apache.tomcat:tomcat-coyoteMaven
>= 8.5.0, < 8.5.948.5.94
org.apache.tomcat.embed:tomcat-embed-coreMaven
>= 11.0.0-M1, < 11.0.0-M1211.0.0-M12
org.apache.tomcat.embed:tomcat-embed-coreMaven
>= 10.0.0, < 10.1.1410.1.14
org.apache.tomcat.embed:tomcat-embed-coreMaven
>= 9.0.0, < 9.0.819.0.81
org.apache.tomcat.embed:tomcat-embed-coreMaven
>= 8.5.0, < 8.5.948.5.94
org.eclipse.jetty.http2:http2-commonMaven
>= 9.3.0, < 9.4.539.4.53
org.eclipse.jetty.http2:http2-commonMaven
>= 10.0.0, < 10.0.1710.0.17
org.eclipse.jetty.http2:http2-commonMaven
>= 11.0.0, < 11.0.1711.0.17
org.eclipse.jetty.http2:http2-serverMaven
>= 9.3.0, < 9.4.539.4.53
org.eclipse.jetty.http2:http2-serverMaven
>= 10.0.0, < 10.0.1710.0.17
org.eclipse.jetty.http2:http2-serverMaven
>= 11.0.0, < 11.0.1711.0.17
org.eclipse.jetty.http2:jetty-http2-commonMaven
>= 12.0.0, < 12.0.212.0.2
org.eclipse.jetty.http2:jetty-http2-serverMaven
>= 12.0.0, < 12.0.212.0.2
com.typesafe.akka:akka-http-coreMaven
< 10.5.310.5.3
com.typesafe.akka:akka-http-core_2.13Maven
< 10.5.310.5.3
com.typesafe.akka:akka-http-core_2.12Maven
< 10.5.310.5.3
com.typesafe.akka:akka-http-core_2.11Maven
<= 10.1.15

Affected products

1145

Patches

Vulnerability mechanics

References

247

News mentions

2