rpm package
suse/rustup&distro=SUSE Linux Enterprise Module for Development Tools 15 SP5
pkg:rpm/suse/rustup&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-26964 | — | < 1.26.0~0-150400.3.7.1 | 1.26.0~0-150400.3.7.1 | Apr 11, 2023 | An issue was discovered in hyper v0.13.7. h2-0.2.4 Stream stacking occurs when the H2 component processes HTTP2 RST_STREAM frames. As a result, the memory and CPU usage are high which can lead to a Denial of Service (DoS). | ||
| CVE-2022-31394 | — | < 1.26.0~0-150400.3.7.1 | 1.26.0~0-150400.3.7.1 | Feb 21, 2023 | Hyperium Hyper before 0.14.19 does not allow for customization of the max_header_list_size method in the H2 third-party software, allowing attackers to perform HTTP2 attacks. |
- CVE-2023-26964Apr 11, 2023affected < 1.26.0~0-150400.3.7.1fixed 1.26.0~0-150400.3.7.1
An issue was discovered in hyper v0.13.7. h2-0.2.4 Stream stacking occurs when the H2 component processes HTTP2 RST_STREAM frames. As a result, the memory and CPU usage are high which can lead to a Denial of Service (DoS).
- CVE-2022-31394Feb 21, 2023affected < 1.26.0~0-150400.3.7.1fixed 1.26.0~0-150400.3.7.1
Hyperium Hyper before 0.14.19 does not allow for customization of the max_header_list_size method in the H2 third-party software, allowing attackers to perform HTTP2 attacks.