CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
http://www.openwall.com/lists/oss-security/2023/10/10/6	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/10/7	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/13/4	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/13/9	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/18/4	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/18/8	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/19/6	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/20/8	Mailing List Third Party Advisory
https://access.redhat.com/security/cve/cve-2023-44487	Vendor Advisory
https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/	Press/Media Coverage Third Party Advisory
https://aws.amazon.com/security/security-bulletins/AWS-2023-011/	Third Party Advisory
https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/	Technical Description Vendor Advisory
https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/	Third Party Advisory Vendor Advisory
https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/	Vendor Advisory
https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack	Press/Media Coverage Third Party Advisory
https://blog.vespa.ai/cve-2023-44487/	Vendor Advisory
https://bugzilla.proxmox.com/show_bug.cgi?id=4988	Issue Tracking Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2242803	Issue Tracking Vendor Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1216123	Issue Tracking Vendor Advisory
https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9	Mailing List Patch Vendor Advisory
https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/	Technical Description Vendor Advisory
https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack	Technical Description Vendor Advisory
https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125	Vendor Advisory
https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715	Third Party Advisory
https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve	Technical Description Third Party Advisory
https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764	Vendor Advisory
https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088	Issue Tracking Patch
https://github.com/Azure/AKS/issues/3947	Issue Tracking
https://github.com/Kong/kong/discussions/11741	Issue Tracking
https://github.com/advisories/GHSA-qppj-fm5r-hxr3	Vendor Advisory
https://github.com/advisories/GHSA-vx74-f528-fxqg	Mitigation Patch Vendor Advisory
https://github.com/advisories/GHSA-xpw8-rcwv-8f8p	Patch Vendor Advisory
https://github.com/akka/akka-http/issues/4323	Issue Tracking
https://github.com/alibaba/tengine/issues/1872	Issue Tracking
https://github.com/apache/apisix/issues/10320	Issue Tracking
https://github.com/apache/httpd-site/pull/10	Issue Tracking
https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113	Product
https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2	Product Third Party Advisory
https://github.com/apache/trafficserver/pull/10564	Issue Tracking Patch
https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487	Vendor Advisory
https://github.com/bcdannyboy/CVE-2023-44487	Third Party Advisory
https://github.com/caddyserver/caddy/issues/5877	Issue Tracking Vendor Advisory
https://github.com/caddyserver/caddy/releases/tag/v2.7.5	Release Notes Third Party Advisory
https://github.com/dotnet/announcements/issues/277	Issue Tracking Mitigation Vendor Advisory
https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73	Product Release Notes
https://github.com/eclipse/jetty.project/issues/10679	Issue Tracking
https://github.com/envoyproxy/envoy/pull/30055	Issue Tracking Patch
https://github.com/etcd-io/etcd/issues/16740	Issue Tracking Patch
https://github.com/facebook/proxygen/pull/466	Issue Tracking Patch
https://github.com/golang/go/issues/63417	Issue Tracking
https://github.com/grpc/grpc-go/pull/6703	Issue Tracking Patch
https://github.com/grpc/grpc/releases/tag/v1.59.2	Mailing List
https://github.com/h2o/h2o/pull/3291	Issue Tracking Patch
https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf	Vendor Advisory
https://github.com/haproxy/haproxy/issues/2312	Issue Tracking
https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244	Product
https://github.com/junkurihara/rust-rpxy/issues/97	Issue Tracking
https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1	Patch
https://github.com/kazu-yamamoto/http2/issues/93	Issue Tracking
https://github.com/kubernetes/kubernetes/pull/121120	Issue Tracking Patch
https://github.com/line/armeria/pull/5232	Issue Tracking Patch
https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632	Patch
https://github.com/micrictor/http2-rst-stream	Exploit Third Party Advisory
https://github.com/microsoft/CBL-Mariner/pull/6381	Issue Tracking Patch
https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61	Patch
https://github.com/nghttp2/nghttp2/pull/1961	Issue Tracking Patch
https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0	Release Notes
https://github.com/ninenines/cowboy/issues/1615	Issue Tracking
https://github.com/nodejs/node/pull/50121	Issue Tracking
https://github.com/openresty/openresty/issues/930	Issue Tracking
https://github.com/opensearch-project/data-prepper/issues/3474	Issue Tracking Patch
https://github.com/oqtane/oqtane.framework/discussions/3367	Issue Tracking
https://github.com/projectcontour/contour/pull/5826	Issue Tracking Patch
https://github.com/tempesta-tech/tempesta/issues/1986	Issue Tracking
https://github.com/varnishcache/varnish-cache/issues/3996	Issue Tracking
https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo	Mailing List Release Notes Vendor Advisory
https://istio.io/latest/news/security/istio-security-2023-004/	Vendor Advisory
https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/	Vendor Advisory
https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q	Mailing List
https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html	Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html	Mailing List
https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html	Mailing List
https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html	Mailing List
https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html	Mailing List
https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html	Mailing List
https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/	Mailing List
https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html	Mailing List Third Party Advisory
https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html	Mailing List Patch Third Party Advisory
https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html	Third Party Advisory
https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/	Patch Vendor Advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487	Mitigation Patch Vendor Advisory
https://my.f5.com/manage/s/article/K000137106	Vendor Advisory
https://netty.io/news/2023/10/10/4-1-100-Final.html	Release Notes Vendor Advisory
https://news.ycombinator.com/item?id=37830987	Issue Tracking
https://news.ycombinator.com/item?id=37830998	Issue Tracking Press/Media Coverage
https://news.ycombinator.com/item?id=37831062	Issue Tracking
https://news.ycombinator.com/item?id=37837043	Issue Tracking
https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/	Third Party Advisory
https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected	Third Party Advisory
https://security.gentoo.org/glsa/202311-09	Third Party Advisory
https://security.netapp.com/advisory/ntap-20231016-0001/	Third Party Advisory
https://security.netapp.com/advisory/ntap-20240426-0007/	Third Party Advisory
https://security.netapp.com/advisory/ntap-20240621-0006/	Exploit Third Party Advisory
https://security.netapp.com/advisory/ntap-20240621-0007/	Third Party Advisory
https://security.paloaltonetworks.com/CVE-2023-44487	Vendor Advisory
https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14	Release Notes
https://ubuntu.com/security/CVE-2023-44487	Vendor Advisory
https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/	Third Party Advisory
https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487	Third Party Advisory US Government Resource
https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event	Press/Media Coverage Third Party Advisory
https://www.debian.org/security/2023/dsa-5521	Mailing List Vendor Advisory
https://www.debian.org/security/2023/dsa-5522	Mailing List Vendor Advisory
https://www.debian.org/security/2023/dsa-5540	Mailing List Third Party Advisory
https://www.debian.org/security/2023/dsa-5549	Mailing List Third Party Advisory
https://www.debian.org/security/2023/dsa-5558	Mailing List Third Party Advisory
https://www.debian.org/security/2023/dsa-5570	Third Party Advisory
https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487	Third Party Advisory Vendor Advisory
https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/	Vendor Advisory
https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/	Mitigation Vendor Advisory
https://www.openwall.com/lists/oss-security/2023/10/10/6	Mailing List Third Party Advisory
https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack	Press/Media Coverage
https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/	Press/Media Coverage Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/13/4	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/13/9	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/18/4	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/18/8	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/19/6	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/20/8	Mailing List Third Party Advisory
https://access.redhat.com/security/cve/cve-2023-44487	Vendor Advisory
https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/	Press/Media Coverage Third Party Advisory
https://aws.amazon.com/security/security-bulletins/AWS-2023-011/	Third Party Advisory
https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/	Technical Description Vendor Advisory
https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/	Third Party Advisory Vendor Advisory
https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/	Vendor Advisory
https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack	Press/Media Coverage Third Party Advisory
https://blog.vespa.ai/cve-2023-44487/	Vendor Advisory
https://bugzilla.proxmox.com/show_bug.cgi?id=4988	Issue Tracking Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2242803	Issue Tracking Vendor Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1216123	Issue Tracking Vendor Advisory
https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9	Mailing List Patch Vendor Advisory
https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/	Technical Description Vendor Advisory
https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack	Technical Description Vendor Advisory
https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125	Vendor Advisory
https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715	Third Party Advisory
https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve	Technical Description Third Party Advisory
https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764	Vendor Advisory
https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088	Issue Tracking Patch
https://github.com/Azure/AKS/issues/3947	Issue Tracking
https://github.com/Kong/kong/discussions/11741	Issue Tracking
https://github.com/advisories/GHSA-qppj-fm5r-hxr3	Vendor Advisory
https://github.com/advisories/GHSA-vx74-f528-fxqg	Mitigation Patch Vendor Advisory
https://github.com/advisories/GHSA-xpw8-rcwv-8f8p	Patch Vendor Advisory
https://github.com/akka/akka-http/issues/4323	Issue Tracking
https://github.com/alibaba/tengine/issues/1872	Issue Tracking
https://github.com/apache/apisix/issues/10320	Issue Tracking
https://github.com/apache/httpd-site/pull/10	Issue Tracking
https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113	Product
https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2	Product Third Party Advisory
https://github.com/apache/trafficserver/pull/10564	Issue Tracking Patch
https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487	Vendor Advisory
https://github.com/bcdannyboy/CVE-2023-44487	Third Party Advisory
https://github.com/caddyserver/caddy/issues/5877	Issue Tracking Vendor Advisory
https://github.com/caddyserver/caddy/releases/tag/v2.7.5	Release Notes Third Party Advisory
https://github.com/dotnet/announcements/issues/277	Issue Tracking Mitigation Vendor Advisory
https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73	Product Release Notes
https://github.com/eclipse/jetty.project/issues/10679	Issue Tracking
https://github.com/envoyproxy/envoy/pull/30055	Issue Tracking Patch
https://github.com/etcd-io/etcd/issues/16740	Issue Tracking Patch
https://github.com/facebook/proxygen/pull/466	Issue Tracking Patch
https://github.com/golang/go/issues/63417	Issue Tracking
https://github.com/grpc/grpc-go/pull/6703	Issue Tracking Patch
https://github.com/h2o/h2o/pull/3291	Issue Tracking Patch
https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf	Vendor Advisory
https://github.com/haproxy/haproxy/issues/2312	Issue Tracking
https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244	Product
https://github.com/junkurihara/rust-rpxy/issues/97	Issue Tracking
https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1	Patch
https://github.com/kazu-yamamoto/http2/issues/93	Issue Tracking
https://github.com/kubernetes/kubernetes/pull/121120	Issue Tracking Patch
https://github.com/line/armeria/pull/5232	Issue Tracking Patch
https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632	Patch
https://github.com/micrictor/http2-rst-stream	Exploit Third Party Advisory
https://github.com/microsoft/CBL-Mariner/pull/6381	Issue Tracking Patch
https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61	Patch
https://github.com/nghttp2/nghttp2/pull/1961	Issue Tracking Patch
https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0	Release Notes
https://github.com/ninenines/cowboy/issues/1615	Issue Tracking
https://github.com/nodejs/node/pull/50121	Issue Tracking
https://github.com/openresty/openresty/issues/930	Issue Tracking
https://github.com/opensearch-project/data-prepper/issues/3474	Issue Tracking Patch
https://github.com/oqtane/oqtane.framework/discussions/3367	Issue Tracking
https://github.com/projectcontour/contour/pull/5826	Issue Tracking Patch
https://github.com/tempesta-tech/tempesta/issues/1986	Issue Tracking
https://github.com/varnishcache/varnish-cache/issues/3996	Issue Tracking
https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo	Mailing List Release Notes Vendor Advisory
https://istio.io/latest/news/security/istio-security-2023-004/	Vendor Advisory
https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/	Vendor Advisory
https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q	Mailing List
https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html	Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html	Mailing List
https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html	Mailing List
https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html	Mailing List
https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html	Mailing List
https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html	Mailing List
https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/	Mailing List Third Party Advisory
https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html	Mailing List Third Party Advisory
https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html	Mailing List Patch Third Party Advisory
https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html	Third Party Advisory
https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/	Patch Vendor Advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487	Mitigation Patch Vendor Advisory
https://my.f5.com/manage/s/article/K000137106	Vendor Advisory
https://netty.io/news/2023/10/10/4-1-100-Final.html	Release Notes Vendor Advisory
https://news.ycombinator.com/item?id=37830987	Issue Tracking
https://news.ycombinator.com/item?id=37830998	Issue Tracking Press/Media Coverage
https://news.ycombinator.com/item?id=37831062	Issue Tracking
https://news.ycombinator.com/item?id=37837043	Issue Tracking
https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/	Third Party Advisory
https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected	Third Party Advisory
https://security.gentoo.org/glsa/202311-09	Third Party Advisory
https://security.netapp.com/advisory/ntap-20231016-0001/	Third Party Advisory
https://security.netapp.com/advisory/ntap-20240426-0007/	Third Party Advisory
https://security.netapp.com/advisory/ntap-20240621-0006/	Exploit Third Party Advisory
https://security.netapp.com/advisory/ntap-20240621-0007/	Third Party Advisory
https://security.paloaltonetworks.com/CVE-2023-44487	Vendor Advisory
https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14	Release Notes
https://ubuntu.com/security/CVE-2023-44487	Vendor Advisory
https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/	Third Party Advisory
https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487	Third Party Advisory US Government Resource
https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event	Press/Media Coverage Third Party Advisory
https://www.debian.org/security/2023/dsa-5521	Mailing List Vendor Advisory
https://www.debian.org/security/2023/dsa-5522	Mailing List Vendor Advisory
https://www.debian.org/security/2023/dsa-5540	Mailing List Third Party Advisory
https://www.debian.org/security/2023/dsa-5549	Mailing List Third Party Advisory
https://www.debian.org/security/2023/dsa-5558	Mailing List Third Party Advisory
https://www.debian.org/security/2023/dsa-5570	Third Party Advisory
https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487	Third Party Advisory Vendor Advisory
https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/	Vendor Advisory
https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/	Mitigation Vendor Advisory
https://www.openwall.com/lists/oss-security/2023/10/10/6	Mailing List Third Party Advisory
https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack	Press/Media Coverage
https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/	Press/Media Coverage Third Party Advisory
https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:nghttp2:nghttp2:*:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*

Configuration 4 (hide)

OR	cpe:2.3:a:envoyproxy:envoy:1.24.10:::::::*
	cpe:2.3:a:envoyproxy:envoy:1.25.9:::::::*
	cpe:2.3:a:envoyproxy:envoy:1.26.4:::::::*
	cpe:2.3:a:envoyproxy:envoy:1.27.0:::::::*

Configuration 5 (hide)

OR	cpe:2.3:a:eclipse:jetty::::::::
	cpe:2.3:a:eclipse:jetty::::::::
	cpe:2.3:a:eclipse:jetty::::::::
	cpe:2.3:a:eclipse:jetty::::::::

Configuration 6 (hide)

cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*

Configuration 7 (hide)

OR	cpe:2.3:a:golang:go::::::::
	cpe:2.3:a:golang:go::::::::
	cpe:2.3:a:golang:http2::::::go::*
	cpe:2.3:a:golang:networking::::::go::*

Configuration 8 (hide)

OR	cpe:2.3:a:f5:big-ip_access_policy_manager::::::::
	cpe:2.3:a:f5:big-ip_access_policy_manager::::::::
	cpe:2.3:a:f5:big-ip_access_policy_manager::::::::
	cpe:2.3:a:f5:big-ip_access_policy_manager::::::::
	cpe:2.3:a:f5:big-ip_access_policy_manager:17.1.0:::::::*
	cpe:2.3:a:f5:big-ip_advanced_firewall_manager::::::::
	cpe:2.3:a:f5:big-ip_advanced_firewall_manager::::::::
	cpe:2.3:a:f5:big-ip_advanced_firewall_manager::::::::
	cpe:2.3:a:f5:big-ip_advanced_firewall_manager::::::::
	cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.1.0:::::::*
	cpe:2.3:a:f5:big-ip_advanced_web_application_firewall::::::::
	cpe:2.3:a:f5:big-ip_advanced_web_application_firewall::::::::
	cpe:2.3:a:f5:big-ip_advanced_web_application_firewall::::::::
	cpe:2.3:a:f5:big-ip_advanced_web_application_firewall::::::::
	cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:17.1.0:::::::*
	cpe:2.3:a:f5:big-ip_analytics::::::::
	cpe:2.3:a:f5:big-ip_analytics::::::::
	cpe:2.3:a:f5:big-ip_analytics::::::::
	cpe:2.3:a:f5:big-ip_analytics::::::::
	cpe:2.3:a:f5:big-ip_analytics:17.1.0:::::::*
	cpe:2.3:a:f5:big-ip_application_acceleration_manager::::::::
	cpe:2.3:a:f5:big-ip_application_acceleration_manager::::::::
	cpe:2.3:a:f5:big-ip_application_acceleration_manager::::::::
	cpe:2.3:a:f5:big-ip_application_acceleration_manager::::::::
	cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.1.0:::::::*
	cpe:2.3:a:f5:big-ip_application_security_manager::::::::
	cpe:2.3:a:f5:big-ip_application_security_manager::::::::
	cpe:2.3:a:f5:big-ip_application_security_manager::::::::
	cpe:2.3:a:f5:big-ip_application_security_manager::::::::
	cpe:2.3:a:f5:big-ip_application_security_manager:17.1.0:::::::*
	cpe:2.3:a:f5:big-ip_application_visibility_and_reporting::::::::
	cpe:2.3:a:f5:big-ip_application_visibility_and_reporting::::::::
	cpe:2.3:a:f5:big-ip_application_visibility_and_reporting::::::::
	cpe:2.3:a:f5:big-ip_application_visibility_and_reporting::::::::
	cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:17.1.0:::::::*
	cpe:2.3:a:f5:big-ip_carrier-grade_nat::::::::
	cpe:2.3:a:f5:big-ip_carrier-grade_nat::::::::
	cpe:2.3:a:f5:big-ip_carrier-grade_nat::::::::
	cpe:2.3:a:f5:big-ip_carrier-grade_nat::::::::
	cpe:2.3:a:f5:big-ip_carrier-grade_nat:17.1.0:::::::*
	cpe:2.3:a:f5:big-ip_ddos_hybrid_defender::::::::
	cpe:2.3:a:f5:big-ip_ddos_hybrid_defender::::::::
	cpe:2.3:a:f5:big-ip_ddos_hybrid_defender::::::::
	cpe:2.3:a:f5:big-ip_ddos_hybrid_defender::::::::
	cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:17.1.0:::::::*
	cpe:2.3:a:f5:big-ip_domain_name_system::::::::
	cpe:2.3:a:f5:big-ip_domain_name_system::::::::
	cpe:2.3:a:f5:big-ip_domain_name_system::::::::
	cpe:2.3:a:f5:big-ip_domain_name_system::::::::
	cpe:2.3:a:f5:big-ip_domain_name_system:17.1.0:::::::*
	cpe:2.3:a:f5:big-ip_fraud_protection_service::::::::
	cpe:2.3:a:f5:big-ip_fraud_protection_service::::::::
	cpe:2.3:a:f5:big-ip_fraud_protection_service::::::::
	cpe:2.3:a:f5:big-ip_fraud_protection_service::::::::
	cpe:2.3:a:f5:big-ip_fraud_protection_service:17.1.0:::::::*
	cpe:2.3:a:f5:big-ip_global_traffic_manager::::::::
	cpe:2.3:a:f5:big-ip_global_traffic_manager::::::::
	cpe:2.3:a:f5:big-ip_global_traffic_manager::::::::
	cpe:2.3:a:f5:big-ip_global_traffic_manager::::::::
	cpe:2.3:a:f5:big-ip_global_traffic_manager:17.1.0:::::::*
	cpe:2.3:a:f5:big-ip_link_controller::::::::
	cpe:2.3:a:f5:big-ip_link_controller::::::::
	cpe:2.3:a:f5:big-ip_link_controller::::::::
	cpe:2.3:a:f5:big-ip_link_controller::::::::
cpe:2.3:a:f5:big-ip_link_controller:17.1.0:::::::*
cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::
cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::
cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::
cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::
cpe:2.3:a:f5:big-ip_local_traffic_manager:17.1.0:::::::*
cpe:2.3:a:f5:big-ip_next:20.0.1:::::::*
cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes::::::::
cpe:2.3:a:f5:big-ip_policy_enforcement_manager::::::::
cpe:2.3:a:f5:big-ip_policy_enforcement_manager::::::::
cpe:2.3:a:f5:big-ip_policy_enforcement_manager::::::::
cpe:2.3:a:f5:big-ip_policy_enforcement_manager::::::::
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:17.1.0:::::::*
cpe:2.3:a:f5:big-ip_ssl_orchestrator::::::::
cpe:2.3:a:f5:big-ip_ssl_orchestrator::::::::
cpe:2.3:a:f5:big-ip_ssl_orchestrator::::::::
cpe:2.3:a:f5:big-ip_ssl_orchestrator::::::::
cpe:2.3:a:f5:big-ip_ssl_orchestrator:17.1.0:::::::*
cpe:2.3:a:f5:big-ip_webaccelerator::::::::
cpe:2.3:a:f5:big-ip_webaccelerator::::::::
cpe:2.3:a:f5:big-ip_webaccelerator::::::::
cpe:2.3:a:f5:big-ip_webaccelerator::::::::
cpe:2.3:a:f5:big-ip_webaccelerator:17.1.0:::::::*
cpe:2.3:a:f5:big-ip_websafe::::::::
cpe:2.3:a:f5:big-ip_websafe::::::::
cpe:2.3:a:f5:big-ip_websafe::::::::
cpe:2.3:a:f5:big-ip_websafe::::::::
cpe:2.3:a:f5:big-ip_websafe:17.1.0:::::::*
cpe:2.3:a:f5:nginx::::::::
cpe:2.3:a:f5:nginx_ingress_controller::::::::
cpe:2.3:a:f5:nginx_ingress_controller::::::::
cpe:2.3:a:f5:nginx_plus::::::::
cpe:2.3:a:f5:nginx_plus:r29:-::::::
cpe:2.3:a:f5:nginx_plus:r30:-::::::

Configuration 9 (hide)

OR	cpe:2.3:a:apache:tomcat::::::::
	cpe:2.3:a:apache:tomcat::::::::
	cpe:2.3:a:apache:tomcat::::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone1::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone10::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone11::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone2::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone3::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone4::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone5::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone6::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone7::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone8::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone9::::::

Configuration 10 (hide)

cpe:2.3:a:apple:swiftnio_http\/2:*:*:*:*:*:swift:*:*

Configuration 11 (hide)

OR	cpe:2.3:a:grpc:grpc::::::go::*
	cpe:2.3:a:grpc:grpc::::::-::*
	cpe:2.3:a:grpc:grpc::::::go::*
	cpe:2.3:a:grpc:grpc:1.57.0:-::::go::*

Configuration 12 (hide)

OR	cpe:2.3:a:microsoft:.net::::::::
	cpe:2.3:a:microsoft:.net::::::::
	cpe:2.3:a:microsoft:asp.net_core::::::::
	cpe:2.3:a:microsoft:asp.net_core::::::::
	cpe:2.3:a:microsoft:azure_kubernetes_service::::::::
	cpe:2.3:a:microsoft:visual_studio_2022::::::::
	cpe:2.3:a:microsoft:visual_studio_2022::::::::
	cpe:2.3:a:microsoft:visual_studio_2022::::::::
	cpe:2.3:a:microsoft:visual_studio_2022::::::::
	cpe:2.3:o:microsoft:windows_10_1607:::::::x64:*
	cpe:2.3:o:microsoft:windows_10_1607:::::::x86:*
	cpe:2.3:o:microsoft:windows_10_1809::::::::
	cpe:2.3:o:microsoft:windows_10_21h2::::::::
	cpe:2.3:o:microsoft:windows_10_22h2::::::::
	cpe:2.3:o:microsoft:windows_11_21h2::::::::
	cpe:2.3:o:microsoft:windows_11_22h2::::::::
	cpe:2.3:o:microsoft:windows_server_2016:-:::::::*
	cpe:2.3:o:microsoft:windows_server_2019:-:::::::*
	cpe:2.3:o:microsoft:windows_server_2022:-:::::::*

Configuration 13 (hide)

OR	cpe:2.3:a:nodejs:node.js:::::lts:::*
	cpe:2.3:a:nodejs:node.js::::::::

Configuration 14 (hide)

cpe:2.3:a:microsoft:cbl-mariner:*:*:*:*:*:*:*:*

Configuration 15 (hide)

cpe:2.3:a:dena:h2o:*:*:*:*:*:*:*:*

Configuration 16 (hide)

cpe:2.3:a:facebook:proxygen:*:*:*:*:*:*:*:*

Configuration 17 (hide)

OR	cpe:2.3:a:apache:apisix::::::::
	cpe:2.3:a:apache:traffic_server::::::::
	cpe:2.3:a:apache:traffic_server::::::::

Configuration 18 (hide)

cpe:2.3:a:amazon:opensearch_data_prepper:*:*:*:*:*:*:*:*

Configuration 19 (hide)

OR	cpe:2.3:o:debian:debian_linux:10.0:::::::*
	cpe:2.3:o:debian:debian_linux:11.0:::::::*
	cpe:2.3:o:debian:debian_linux:12.0:::::::*

Configuration 20 (hide)

cpe:2.3:a:kazu-yamamoto:http2:*:*:*:*:*:*:*:*

Configuration 21 (hide)

OR	cpe:2.3:a:istio:istio::::::::
	cpe:2.3:a:istio:istio::::::::
	cpe:2.3:a:istio:istio::::::::

Configuration 22 (hide)

cpe:2.3:a:varnish_cache_project:varnish_cache:*:*:*:*:*:*:*:*

Configuration 23 (hide)

OR	cpe:2.3:a:traefik:traefik::::::::
	cpe:2.3:a:traefik:traefik:3.0.0:beta1::::::
	cpe:2.3:a:traefik:traefik:3.0.0:beta2::::::
	cpe:2.3:a:traefik:traefik:3.0.0:beta3::::::

Configuration 24 (hide)

cpe:2.3:a:projectcontour:contour:*:*:*:*:*:kubernetes:*:*

Configuration 25 (hide)

OR	cpe:2.3:a:linkerd:linkerd:::::stable:kubernetes::
	cpe:2.3:a:linkerd:linkerd:2.13.0::::stable:kubernetes::*
	cpe:2.3:a:linkerd:linkerd:2.13.1::::stable:kubernetes::*
	cpe:2.3:a:linkerd:linkerd:2.14.0::::stable:kubernetes::*
	cpe:2.3:a:linkerd:linkerd:2.14.1::::stable:kubernetes::*

Configuration 26 (hide)

cpe:2.3:a:linecorp:armeria:*:*:*:*:*:*:*:*

Configuration 27 (hide)

OR	cpe:2.3:a:redhat:3scale_api_management_platform:2.0:::::::*
	cpe:2.3:a:redhat:advanced_cluster_management_for_kubernetes:2.0:::::::*
	cpe:2.3:a:redhat:advanced_cluster_security:3.0:::::::*
	cpe:2.3:a:redhat:advanced_cluster_security:4.0:::::::*
	cpe:2.3:a:redhat:ansible_automation_platform:2.0:::::::*
	cpe:2.3:a:redhat:build_of_optaplanner:8.0:::::::*
	cpe:2.3:a:redhat:build_of_quarkus:-:::::::*
	cpe:2.3:a:redhat:ceph_storage:5.0:::::::*
	cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:::::::*
	cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:8.0:::::::*
	cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:9.0:::::::*
	cpe:2.3:a:redhat:cost_management:-:::::::*
	cpe:2.3:a:redhat:cryostat:2.0:::::::*
	cpe:2.3:a:redhat:decision_manager:7.0:::::::*
	cpe:2.3:a:redhat:fence_agents_remediation_operator:-:::::::*
	cpe:2.3:a:redhat:integration_camel_for_spring_boot:-:::::::*
	cpe:2.3:a:redhat:integration_camel_k:-:::::::*
	cpe:2.3:a:redhat:integration_service_registry:-:::::::*
	cpe:2.3:a:redhat:jboss_a-mq:7:::::::*
	cpe:2.3:a:redhat:jboss_a-mq_streams:-:::::::*
	cpe:2.3:a:redhat:jboss_core_services:-:::::::*
	cpe:2.3:a:redhat:jboss_data_grid:7.0.0:::::::*
	cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:::::::*
	cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:::::::*
	cpe:2.3:a:redhat:jboss_fuse:6.0.0:::::::*
	cpe:2.3:a:redhat:jboss_fuse:7.0.0:::::::*
	cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift:-:::::::*
	cpe:2.3:a:redhat:machine_deletion_remediation_operator:-:::::::*
	cpe:2.3:a:redhat:migration_toolkit_for_applications:6.0:::::::*
	cpe:2.3:a:redhat:migration_toolkit_for_containers:-:::::::*
	cpe:2.3:a:redhat:migration_toolkit_for_virtualization:-:::::::*
	cpe:2.3:a:redhat:network_observability_operator:-:::::::*
	cpe:2.3:a:redhat:node_healthcheck_operator:-:::::::*
	cpe:2.3:a:redhat:node_maintenance_operator:-:::::::*
	cpe:2.3:a:redhat:openshift:-:::::aws::
	cpe:2.3:a:redhat:openshift_api_for_data_protection:-:::::::*
	cpe:2.3:a:redhat:openshift_container_platform:4.0:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_assisted_installer:-:::::::*
	cpe:2.3:a:redhat:openshift_data_science:-:::::::*
	cpe:2.3:a:redhat:openshift_dev_spaces:-:::::::*
	cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:::::::*
	cpe:2.3:a:redhat:openshift_distributed_tracing:-:::::::*
	cpe:2.3:a:redhat:openshift_gitops:-:::::::*
	cpe:2.3:a:redhat:openshift_pipelines:-:::::::*
	cpe:2.3:a:redhat:openshift_sandboxed_containers:-:::::::*
	cpe:2.3:a:redhat:openshift_secondary_scheduler_operator:-:::::::*
	cpe:2.3:a:redhat:openshift_serverless:-:::::::*
	cpe:2.3:a:redhat:openshift_service_mesh:2.0:::::::*
	cpe:2.3:a:redhat:openshift_virtualization:4:::::::*
	cpe:2.3:a:redhat:openstack_platform:16.1:::::::*
	cpe:2.3:a:redhat:openstack_platform:16.2:::::::*
	cpe:2.3:a:redhat:openstack_platform:17.1:::::::*
	cpe:2.3:a:redhat:process_automation:7.0:::::::*
	cpe:2.3:a:redhat:quay:3.0.0:::::::*
	cpe:2.3:a:redhat:run_once_duration_override_operator:-:::::::*
	cpe:2.3:a:redhat:satellite:6.0:::::::*
	cpe:2.3:a:redhat:self_node_remediation_operator:-:::::::*
	cpe:2.3:a:redhat:service_interconnect:1.0:::::::*
	cpe:2.3:a:redhat:single_sign-on:7.0:::::::*
	cpe:2.3:a:redhat:support_for_spring_boot:-:::::::*
	cpe:2.3:a:redhat:web_terminal:-:::::::*
	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*

Configuration 28 (hide)

AND

cpe:2.3:a:redhat:service_telemetry_framework:1.5:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Configuration 29 (hide)

OR	cpe:2.3:o:fedoraproject:fedora:37:::::::*
	cpe:2.3:o:fedoraproject:fedora:38:::::::*

Configuration 30 (hide)

OR	cpe:2.3:a:netapp:astra_control_center:-:::::::*
	cpe:2.3:a:netapp:oncommand_insight:-:::::::*

Configuration 31 (hide)

cpe:2.3:a:akka:http_server:*:*:*:*:*:*:*:*

Configuration 32 (hide)

cpe:2.3:a:konghq:kong_gateway:*:*:*:*:enterprise:*:*:*

Configuration 33 (hide)

OR	cpe:2.3:a:jenkins:jenkins:::::lts:::*
	cpe:2.3:a:jenkins:jenkins:::::-:::*

Configuration 34 (hide)

cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*

Configuration 35 (hide)

cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*

Configuration 36 (hide)

OR	cpe:2.3:a:cisco:connected_mobile_experiences::::::::
	cpe:2.3:a:cisco:crosswork_data_gateway::::::::
	cpe:2.3:a:cisco:crosswork_data_gateway:5.0:::::::*
	cpe:2.3:a:cisco:crosswork_zero_touch_provisioning::::::::
	cpe:2.3:a:cisco:data_center_network_manager:-:::::::*
	cpe:2.3:a:cisco:enterprise_chat_and_email:-:::::::*
	cpe:2.3:a:cisco:expressway::::::::
	cpe:2.3:a:cisco:firepower_threat_defense::::::::
	cpe:2.3:a:cisco:iot_field_network_director::::::::
	cpe:2.3:a:cisco:prime_access_registrar::::::::
	cpe:2.3:a:cisco:prime_cable_provisioning::::::::
	cpe:2.3:a:cisco:prime_infrastructure::::::::
	cpe:2.3:a:cisco:prime_network_registrar::::::::
	cpe:2.3:a:cisco:secure_dynamic_attributes_connector::::::::
	cpe:2.3:a:cisco:secure_malware_analytics::::::::
	cpe:2.3:a:cisco:telepresence_video_communication_server::::::::
	cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function::::::::
	cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:2024.01.0:::::::*
	cpe:2.3:a:cisco:ultra_cloud_core_-_serving_gateway_function::::::::
	cpe:2.3:a:cisco:ultra_cloud_core_-_session_management_function::::::::
	cpe:2.3:a:cisco:unified_attendant_console_advanced:-:::::::*
	cpe:2.3:a:cisco:unified_contact_center_domain_manager:-:::::::*
	cpe:2.3:a:cisco:unified_contact_center_enterprise:-:::::::*
	cpe:2.3:a:cisco:unified_contact_center_enterprise_-_live_data_server::::::::
	cpe:2.3:a:cisco:unified_contact_center_management_portal:-:::::::*
	cpe:2.3:o:cisco:fog_director::::::::
	cpe:2.3:o:cisco:ios_xe::::::::
	cpe:2.3:o:cisco:ios_xr::::::::

Configuration 37 (hide)

AND

cpe:2.3:o:cisco:secure_web_appliance_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:secure_web_appliance:-:*:*:*:*:*:*:*

Configuration 38 (hide)

AND

OR	cpe:2.3:o:cisco:nx-os::::::::
	cpe:2.3:o:cisco:nx-os::::::::

OR	cpe:2.3:h:cisco:nexus_3016:-:::::::*
	cpe:2.3:h:cisco:nexus_3016q:-:::::::*
	cpe:2.3:h:cisco:nexus_3048:-:::::::*
	cpe:2.3:h:cisco:nexus_3064:-:::::::*
	cpe:2.3:h:cisco:nexus_3064-32t:-:::::::*
	cpe:2.3:h:cisco:nexus_3064-t:-:::::::*
	cpe:2.3:h:cisco:nexus_3064-x:-:::::::*
	cpe:2.3:h:cisco:nexus_3064t:-:::::::*
	cpe:2.3:h:cisco:nexus_3064x:-:::::::*
	cpe:2.3:h:cisco:nexus_3100:-:::::::*
	cpe:2.3:h:cisco:nexus_3100-v:-:::::::*
	cpe:2.3:h:cisco:nexus_3100-z:-:::::::*
	cpe:2.3:h:cisco:nexus_3100v:-:::::::*
	cpe:2.3:h:cisco:nexus_31108pc-v:-:::::::*
	cpe:2.3:h:cisco:nexus_31108pv-v:-:::::::*
	cpe:2.3:h:cisco:nexus_31108tc-v:-:::::::*
	cpe:2.3:h:cisco:nexus_31128pq:-:::::::*
	cpe:2.3:h:cisco:nexus_3132c-z:-:::::::*
	cpe:2.3:h:cisco:nexus_3132q:-:::::::*
	cpe:2.3:h:cisco:nexus_3132q-v:-:::::::*
	cpe:2.3:h:cisco:nexus_3132q-x:-:::::::*
	cpe:2.3:h:cisco:nexus_3132q-x\/3132q-xl:-:::::::*
	cpe:2.3:h:cisco:nexus_3132q-xl:-:::::::*
	cpe:2.3:h:cisco:nexus_3164q:-:::::::*
	cpe:2.3:h:cisco:nexus_3172:-:::::::*
	cpe:2.3:h:cisco:nexus_3172pq:-:::::::*
	cpe:2.3:h:cisco:nexus_3172pq-xl:-:::::::*
	cpe:2.3:h:cisco:nexus_3172pq\/pq-xl:-:::::::*
	cpe:2.3:h:cisco:nexus_3172tq:-:::::::*
	cpe:2.3:h:cisco:nexus_3172tq-32t:-:::::::*
	cpe:2.3:h:cisco:nexus_3172tq-xl:-:::::::*
	cpe:2.3:h:cisco:nexus_3200:-:::::::*
	cpe:2.3:h:cisco:nexus_3232:-:::::::*
	cpe:2.3:h:cisco:nexus_3232c:-:::::::*
	cpe:2.3:h:cisco:nexus_3232c_:-:::::::*
	cpe:2.3:h:cisco:nexus_3264c-e:-:::::::*
	cpe:2.3:h:cisco:nexus_3264q:-:::::::*
	cpe:2.3:h:cisco:nexus_3400:-:::::::*
	cpe:2.3:h:cisco:nexus_3408-s:-:::::::*
	cpe:2.3:h:cisco:nexus_34180yc:-:::::::*
	cpe:2.3:h:cisco:nexus_34200yc-sm:-:::::::*
	cpe:2.3:h:cisco:nexus_3432d-s:-:::::::*
	cpe:2.3:h:cisco:nexus_3464c:-:::::::*
	cpe:2.3:h:cisco:nexus_3500:-:::::::*
	cpe:2.3:h:cisco:nexus_3524:-:::::::*
	cpe:2.3:h:cisco:nexus_3524-x:-:::::::*
	cpe:2.3:h:cisco:nexus_3524-x\/xl:-:::::::*
	cpe:2.3:h:cisco:nexus_3524-xl:-:::::::*
	cpe:2.3:h:cisco:nexus_3548:-:::::::*
	cpe:2.3:h:cisco:nexus_3548-x:-:::::::*
	cpe:2.3:h:cisco:nexus_3548-x\/xl:-:::::::*
	cpe:2.3:h:cisco:nexus_3548-xl:-:::::::*
	cpe:2.3:h:cisco:nexus_3600:-:::::::*
	cpe:2.3:h:cisco:nexus_36180yc-r:-:::::::*
	cpe:2.3:h:cisco:nexus_3636c-r:-:::::::*

Configuration 39 (hide)

AND

OR	cpe:2.3:o:cisco:nx-os::::::::
	cpe:2.3:o:cisco:nx-os::::::::

OR	cpe:2.3:h:cisco:nexus_9000v:-:::::::*
	cpe:2.3:h:cisco:nexus_9200:-:::::::*
	cpe:2.3:h:cisco:nexus_9200yc:-:::::::*
	cpe:2.3:h:cisco:nexus_92160yc-x:-:::::::*
	cpe:2.3:h:cisco:nexus_92160yc_switch:-:::::::*
	cpe:2.3:h:cisco:nexus_9221c:-:::::::*
	cpe:2.3:h:cisco:nexus_92300yc:-:::::::*
	cpe:2.3:h:cisco:nexus_92300yc_switch:-:::::::*
	cpe:2.3:h:cisco:nexus_92304qc:-:::::::*
	cpe:2.3:h:cisco:nexus_92304qc_switch:-:::::::*
	cpe:2.3:h:cisco:nexus_9232e:-:::::::*
	cpe:2.3:h:cisco:nexus_92348gc-x:-:::::::*
	cpe:2.3:h:cisco:nexus_9236c:-:::::::*
	cpe:2.3:h:cisco:nexus_9236c_switch:-:::::::*
	cpe:2.3:h:cisco:nexus_9272q:-:::::::*
	cpe:2.3:h:cisco:nexus_9272q_switch:-:::::::*
	cpe:2.3:h:cisco:nexus_9300:-:::::::*
	cpe:2.3:h:cisco:nexus_93108tc-ex:-:::::::*
	cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:::::::*
	cpe:2.3:h:cisco:nexus_93108tc-ex_switch:-:::::::*
	cpe:2.3:h:cisco:nexus_93108tc-fx:-:::::::*
	cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:::::::*
	cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:::::::*
	cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:::::::*
	cpe:2.3:h:cisco:nexus_93120tx:-:::::::*
	cpe:2.3:h:cisco:nexus_93120tx_switch:-:::::::*
	cpe:2.3:h:cisco:nexus_93128:-:::::::*
	cpe:2.3:h:cisco:nexus_93128tx:-:::::::*
	cpe:2.3:h:cisco:nexus_93128tx_switch:-:::::::*
	cpe:2.3:h:cisco:nexus_9316d-gx:-:::::::*
	cpe:2.3:h:cisco:nexus_93180lc-ex:-:::::::*
	cpe:2.3:h:cisco:nexus_93180lc-ex_switch:-:::::::*
	cpe:2.3:h:cisco:nexus_93180tc-ex:-:::::::*
	cpe:2.3:h:cisco:nexus_93180yc-ex:-:::::::*
	cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:::::::*
	cpe:2.3:h:cisco:nexus_93180yc-ex_switch:-:::::::*
	cpe:2.3:h:cisco:nexus_93180yc-fx:-:::::::*
	cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:::::::*
	cpe:2.3:h:cisco:nexus_93180yc-fx3:-:::::::*
	cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:::::::*
	cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:::::::*
	cpe:2.3:h:cisco:nexus_93216tc-fx2:-:::::::*
	cpe:2.3:h:cisco:nexus_93240tc-fx2:-:::::::*
	cpe:2.3:h:cisco:nexus_93240yc-fx2:-:::::::*
	cpe:2.3:h:cisco:nexus_9332c:-:::::::*
	cpe:2.3:h:cisco:nexus_9332d-gx2b:-:::::::*
	cpe:2.3:h:cisco:nexus_9332d-h2r:-:::::::*
	cpe:2.3:h:cisco:nexus_9332pq:-:::::::*
	cpe:2.3:h:cisco:nexus_9332pq_switch:-:::::::*
	cpe:2.3:h:cisco:nexus_93360yc-fx2:-:::::::*
	cpe:2.3:h:cisco:nexus_9336c-fx2:-:::::::*
	cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:::::::*
	cpe:2.3:h:cisco:nexus_9336pq:-:::::::*
	cpe:2.3:h:cisco:nexus_9336pq_aci:-:::::::*
	cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:::::::*
	cpe:2.3:h:cisco:nexus_9336pq_aci_spine_switch:-:::::::*
	cpe:2.3:h:cisco:nexus_9348d-gx2a:-:::::::*
	cpe:2.3:h:cisco:nexus_9348gc-fx3:-:::::::*
	cpe:2.3:h:cisco:nexus_9348gc-fxp:-:::::::*
	cpe:2.3:h:cisco:nexus_93600cd-gx:-:::::::*
	cpe:2.3:h:cisco:nexus_9364c:-:::::::*
	cpe:2.3:h:cisco:nexus_9364c-gx:-:::::::*
	cpe:2.3:h:cisco:nexus_9364d-gx2a:-:::::::*
	cpe:2.3:h:cisco:nexus_9372px:-:::::::*
cpe:2.3:h:cisco:nexus_9372px-e:-:::::::*
cpe:2.3:h:cisco:nexus_9372px-e_switch:-:::::::*
cpe:2.3:h:cisco:nexus_9372px_switch:-:::::::*
cpe:2.3:h:cisco:nexus_9372tx:-:::::::*
cpe:2.3:h:cisco:nexus_9372tx-e:-:::::::*
cpe:2.3:h:cisco:nexus_9372tx-e_switch:-:::::::*
cpe:2.3:h:cisco:nexus_9372tx_switch:-:::::::*
cpe:2.3:h:cisco:nexus_9396px:-:::::::*
cpe:2.3:h:cisco:nexus_9396px_switch:-:::::::*
cpe:2.3:h:cisco:nexus_9396tx:-:::::::*
cpe:2.3:h:cisco:nexus_9396tx_switch:-:::::::*
cpe:2.3:h:cisco:nexus_9408:-:::::::*
cpe:2.3:h:cisco:nexus_9432pq:-:::::::*
cpe:2.3:h:cisco:nexus_9500:-:::::::*
cpe:2.3:h:cisco:nexus_9500_16-slot:-:::::::*
cpe:2.3:h:cisco:nexus_9500_4-slot:-:::::::*
cpe:2.3:h:cisco:nexus_9500_8-slot:-:::::::*
cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:::::::*
cpe:2.3:h:cisco:nexus_9500_supervisor_a\+:-:::::::*
cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:::::::*
cpe:2.3:h:cisco:nexus_9500_supervisor_b\+:-:::::::*
cpe:2.3:h:cisco:nexus_9500r:-:::::::*
cpe:2.3:h:cisco:nexus_9504:-:::::::*
cpe:2.3:h:cisco:nexus_9504_switch:-:::::::*
cpe:2.3:h:cisco:nexus_9508:-:::::::*
cpe:2.3:h:cisco:nexus_9508_switch:-:::::::*
cpe:2.3:h:cisco:nexus_9516:-:::::::*
cpe:2.3:h:cisco:nexus_9516_switch:-:::::::*
cpe:2.3:h:cisco:nexus_9536pq:-:::::::*
cpe:2.3:h:cisco:nexus_9636pq:-:::::::*
cpe:2.3:h:cisco:nexus_9716d-gx:-:::::::*
cpe:2.3:h:cisco:nexus_9736pq:-:::::::*
cpe:2.3:h:cisco:nexus_9800:-:::::::*
cpe:2.3:h:cisco:nexus_9804:-:::::::*
cpe:2.3:h:cisco:nexus_9808:-:::::::*

History

03 Apr 2025, 20:26

07 Mar 2025, 19:15

Type	Values Removed	Values Added
References		() http://www.openwall.com/lists/oss-security/2023/10/10/6 - () http://www.openwall.com/lists/oss-security/2023/10/10/7 - () https://github.com/grpc/grpc/releases/tag/v1.59.2 - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ -
References	~~() https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ - Vendor Advisory~~	() https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ - Third Party Advisory, Vendor Advisory
References	~~() https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 - Patch~~	() https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 - Issue Tracking, Patch
References	~~() https://github.com/advisories/GHSA-vx74-f528-fxqg - Mitigation, Patch~~	() https://github.com/advisories/GHSA-vx74-f528-fxqg - Mitigation, Patch, Vendor Advisory
References	~~() https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 - Product~~	() https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 - Product, Third Party Advisory
References	~~() https://github.com/dotnet/announcements/issues/277 - Mitigation, Vendor Advisory~~	() https://github.com/dotnet/announcements/issues/277 - Issue Tracking, Mitigation, Vendor Advisory
References	~~() https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 - Release Notes~~	() https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 - Product, Release Notes
References	~~() https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo - Mailing List, Vendor Advisory~~	() https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo - Mailing List, Release Notes, Vendor Advisory
References	~~() https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html - Mailing List~~	() https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html - Mailing List, Third Party Advisory
References	~~() https://security.netapp.com/advisory/ntap-20240621-0006/ - Third Party Advisory~~	() https://security.netapp.com/advisory/ntap-20240621-0006/ - Exploit, Third Party Advisory
References	~~() https://www.debian.org/security/2023/dsa-5521 - Vendor Advisory~~	() https://www.debian.org/security/2023/dsa-5521 - Mailing List, Vendor Advisory
References	~~() https://www.debian.org/security/2023/dsa-5522 - Vendor Advisory~~	() https://www.debian.org/security/2023/dsa-5522 - Mailing List, Vendor Advisory
References	~~() https://www.debian.org/security/2023/dsa-5540 - Third Party Advisory~~	() https://www.debian.org/security/2023/dsa-5540 - Mailing List, Third Party Advisory
References	~~() https://www.debian.org/security/2023/dsa-5549 - Third Party Advisory~~	() https://www.debian.org/security/2023/dsa-5549 - Mailing List, Third Party Advisory
References	~~() https://www.debian.org/security/2023/dsa-5558 - Third Party Advisory~~	() https://www.debian.org/security/2023/dsa-5558 - Mailing List, Third Party Advisory
References	~~() https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 - Vendor Advisory~~	() https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 - Third Party Advisory, Vendor Advisory
References	~~() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ - Mailing List~~	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ - Mailing List, Third Party Advisory

20 Dec 2024, 17:40

21 Nov 2024, 08:25

14 Aug 2024, 19:57

Type	Values Removed	Values Added
CWE		NVD-CWE-noinfo

27 Jun 2024, 18:34

Type	Values Removed	Values Added
References	~~() https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ - Vendor Advisory~~	() https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ - Third Party Advisory
References	~~() https://security.netapp.com/advisory/ntap-20240426-0007/ -~~	() https://security.netapp.com/advisory/ntap-20240426-0007/ - Third Party Advisory
References	~~() https://security.netapp.com/advisory/ntap-20240621-0006/ -~~	() https://security.netapp.com/advisory/ntap-20240621-0006/ - Third Party Advisory
References	~~() https://security.netapp.com/advisory/ntap-20240621-0007/ -~~	() https://security.netapp.com/advisory/ntap-20240621-0007/ - Third Party Advisory
First Time		Netapp oncommand Insight
CPE		cpe:2.3:a:netapp:oncommand_insight:-:::::::*

21 Jun 2024, 19:15

Type	Values Removed	Values Added
References		() https://security.netapp.com/advisory/ntap-20240621-0006/ - () https://security.netapp.com/advisory/ntap-20240621-0007/ -

26 Apr 2024, 09:15

Type	Values Removed	Values Added
References		() https://security.netapp.com/advisory/ntap-20240426-0007/ -

02 Feb 2024, 15:40

Type	Values Removed	Values Added
CPE		cpe:2.3:h:cisco:nexus_9372px-e_switch:-:::::::* cpe:2.3:h:cisco:nexus_3432d-s:-:::::::* cpe:2.3:h:cisco:nexus_9348gc-fx3:-:::::::* cpe:2.3:h:cisco:nexus_9500_supervisor_b\+:-:::::::* cpe:2.3:a:cisco:prime_infrastructure:::::::: cpe:2.3:h:cisco:nexus_93108tc-fx:-:::::::* cpe:2.3:h:cisco:nexus_9432pq:-:::::::* cpe:2.3:h:cisco:nexus_9348d-gx2a:-:::::::* cpe:2.3:h:cisco:nexus_3064-x:-:::::::* cpe:2.3:a:cisco:unified_contact_center_domain_manager:-:::::::* cpe:2.3:h:cisco:nexus_9804:-:::::::* cpe:2.3:a:cisco:prime_network_registrar:::::::: cpe:2.3:h:cisco:nexus_3016:-:::::::* cpe:2.3:h:cisco:nexus_93128tx_switch:-:::::::* cpe:2.3:h:cisco:nexus_93180yc-ex:-:::::::* cpe:2.3:h:cisco:nexus_9372tx-e_switch:-:::::::* cpe:2.3:h:cisco:nexus_9372px_switch:-:::::::* cpe:2.3:h:cisco:nexus_9221c:-:::::::* cpe:2.3:a:cisco:secure_dynamic_attributes_connector:::::::: cpe:2.3:h:cisco:nexus_31128pq:-:::::::* cpe:2.3:h:cisco:nexus_9504_switch:-:::::::* cpe:2.3:h:cisco:nexus_3048:-:::::::* cpe:2.3:h:cisco:nexus_93180lc-ex_switch:-:::::::* cpe:2.3:a:cisco:telepresence_video_communication_server:::::::: cpe:2.3:h:cisco:nexus_9800:-:::::::* cpe:2.3:h:cisco:nexus_3172pq\/pq-xl:-:::::::* cpe:2.3:a:cisco:prime_access_registrar:::::::: cpe:2.3:h:cisco:nexus_9336pq_aci:-:::::::* cpe:2.3:h:cisco:nexus_9500_4-slot:-:::::::* cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:::::::* cpe:2.3:h:cisco:nexus_3100-v:-:::::::* cpe:2.3:a:cisco:unified_contact_center_enterprise_-_live_data_server:::::::: cpe:2.3:h:cisco:nexus_9200:-:::::::* cpe:2.3:h:cisco:nexus_3636c-r:-:::::::* cpe:2.3:h:cisco:nexus_92300yc_switch:-:::::::* cpe:2.3:h:cisco:nexus_3264q:-:::::::* cpe:2.3:h:cisco:secure_web_appliance:-:::::::* cpe:2.3:h:cisco:nexus_3064x:-:::::::* cpe:2.3:h:cisco:nexus_93360yc-fx2:-:::::::* cpe:2.3:h:cisco:nexus_3400:-:::::::* cpe:2.3:h:cisco:nexus_3232c_:-:::::::* cpe:2.3:h:cisco:nexus_9300:-:::::::* cpe:2.3:h:cisco:nexus_93180yc-fx3:-:::::::* cpe:2.3:h:cisco:nexus_9332pq_switch:-:::::::* cpe:2.3:h:cisco:nexus_92348gc-x:-:::::::* cpe:2.3:h:cisco:nexus_93180lc-ex:-:::::::* cpe:2.3:h:cisco:nexus_3600:-:::::::* cpe:2.3:h:cisco:nexus_93180yc-fx:-:::::::* cpe:2.3:a:cisco:iot_field_network_director:::::::: cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:::::::* cpe:2.3:h:cisco:nexus_3232c:-:::::::* cpe:2.3:h:cisco:nexus_3064-32t:-:::::::* cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:::::::* cpe:2.3:h:cisco:nexus_93128tx:-:::::::* cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:::::::* cpe:2.3:h:cisco:nexus_3464c:-:::::::* cpe:2.3:h:cisco:nexus_92160yc-x:-:::::::* cpe:2.3:h:cisco:nexus_3064t:-:::::::* cpe:2.3:h:cisco:nexus_3064:-:::::::* cpe:2.3:h:cisco:nexus_9500_supervisor_a\+:-:::::::* cpe:2.3:h:cisco:nexus_9364c:-:::::::* cpe:2.3:h:cisco:nexus_9372tx-e:-:::::::* cpe:2.3:h:cisco:nexus_93120tx:-:::::::* cpe:2.3:h:cisco:nexus_9372tx:-:::::::* cpe:2.3:h:cisco:nexus_31108pv-v:-:::::::* cpe:2.3:h:cisco:nexus_9516:-:::::::* cpe:2.3:h:cisco:nexus_9336pq:-:::::::* cpe:2.3:h:cisco:nexus_3524:-:::::::* cpe:2.3:h:cisco:nexus_3548-x:-:::::::* cpe:2.3:h:cisco:nexus_3172tq:-:::::::* cpe:2.3:h:cisco:nexus_3172pq:-:::::::* cpe:2.3:h:cisco:nexus_3524-x:-:::::::* cpe:2.3:h:cisco:nexus_9332d-h2r:-:::::::* cpe:2.3:a:cisco:data_center_network_manager:-:::::::* cpe:2.3:h:cisco:nexus_3408-s:-:::::::* cpe:2.3:h:cisco:nexus_9364c-gx:-:::::::* cpe:2.3:h:cisco:nexus_3132q-v:-:::::::* cpe:2.3:o:cisco:nx-os:::::::: cpe:2.3:h:cisco:nexus_3064-t:-:::::::* cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:::::::* cpe:2.3:h:cisco:nexus_93180tc-ex:-:::::::* cpe:2.3:h:cisco:nexus_9636pq:-:::::::* cpe:2.3:h:cisco:nexus_9316d-gx:-:::::::* cpe:2.3:h:cisco:nexus_34180yc:-:::::::* cpe:2.3:h:cisco:nexus_9516_switch:-:::::::* cpe:2.3:a:cisco:enterprise_chat_and_email:-:::::::* cpe:2.3:h:cisco:nexus_9348gc-fxp:-:::::::* cpe:2.3:o:cisco:secure_web_appliance_firmware:::::::: cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:2024.01.0:::::::* cpe:2.3:h:cisco:nexus_34200yc-sm:-:::::::* cpe:2.3:h:cisco:nexus_3172pq-xl:-:::::::* cpe:2.3:o:cisco:ios_xr:::::::: cpe:2.3:h:cisco:nexus_9500r:-:::::::* cpe:2.3:a:cisco:expressway:::::::: cpe:2.3:a:cisco:firepower_threat_defense:::::::: cpe:2.3:h:cisco:nexus_3100v:-:::::::* cpe:2.3:h:cisco:nexus_9500:-:::::::* cpe:2.3:h:cisco:nexus_9736pq:-:::::::* cpe:2.3:a:cisco:connected_mobile_experiences:::::::: cpe:2.3:h:cisco:nexus_9504:-:::::::* cpe:2.3:h:cisco:nexus_3132q-x:-:::::::* cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:::::::* cpe:2.3:h:cisco:nexus_9236c_switch:-:::::::* cpe:2.3:h:cisco:nexus_9716d-gx:-:::::::* cpe:2.3:h:cisco:nexus_9396px_switch:-:::::::* cpe:2.3:h:cisco:nexus_3132q-xl:-:::::::* cpe:2.3:h:cisco:nexus_93128:-:::::::* cpe:2.3:h:cisco:nexus_3500:-:::::::* cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:::::::* cpe:2.3:h:cisco:nexus_3172:-:::::::* cpe:2.3:h:cisco:nexus_3548:-:::::::* cpe:2.3:h:cisco:nexus_9508:-:::::::* cpe:2.3:h:cisco:nexus_9272q:-:::::::* cpe:2.3:h:cisco:nexus_3100-z:-:::::::* cpe:2.3:h:cisco:nexus_31108tc-v:-:::::::* cpe:2.3:h:cisco:nexus_9200yc:-:::::::* cpe:2.3:h:cisco:nexus_36180yc-r:-:::::::* cpe:2.3:h:cisco:nexus_3264c-e:-:::::::* cpe:2.3:a:cisco:secure_malware_analytics:::::::: cpe:2.3:h:cisco:nexus_93240yc-fx2:-:::::::* cpe:2.3:h:cisco:nexus_9808:-:::::::* cpe:2.3:h:cisco:nexus_93108tc-ex:-:::::::* cpe:2.3:h:cisco:nexus_3132q:-:::::::* cpe:2.3:h:cisco:nexus_93600cd-gx:-:::::::* cpe:2.3:h:cisco:nexus_9336c-fx2:-:::::::* cpe:2.3:h:cisco:nexus_93120tx_switch:-:::::::* cpe:2.3:h:cisco:nexus_9508_switch:-:::::::* cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:::::::* cpe:2.3:h:cisco:nexus_9500_16-slot:-:::::::* cpe:2.3:h:cisco:nexus_9272q_switch:-:::::::* cpe:2.3:h:cisco:nexus_9236c:-:::::::* cpe:2.3:h:cisco:nexus_9232e:-:::::::* cpe:2.3:a:cisco:crosswork_data_gateway:5.0:::::::* cpe:2.3:h:cisco:nexus_9364d-gx2a:-:::::::* cpe:2.3:h:cisco:nexus_3232:-:::::::* cpe:2.3:h:cisco:nexus_9000v:-:::::::* cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:::::::* cpe:2.3:h:cisco:nexus_93180yc-ex_switch:-:::::::* cpe:2.3:h:cisco:nexus_9332d-gx2b:-:::::::* cpe:2.3:h:cisco:nexus_92304qc:-:::::::* cpe:2.3:h:cisco:nexus_3548-x\/xl:-:::::::* cpe:2.3:a:cisco:unified_attendant_console_advanced:-:::::::* cpe:2.3:h:cisco:nexus_3172tq-xl:-:::::::* cpe:2.3:h:cisco:nexus_3200:-:::::::* cpe:2.3:h:cisco:nexus_93216tc-fx2:-:::::::* cpe:2.3:h:cisco:nexus_9332pq:-:::::::* cpe:2.3:h:cisco:nexus_31108pc-v:-:::::::* cpe:2.3:h:cisco:nexus_3548-xl:-:::::::* cpe:2.3:h:cisco:nexus_3172tq-32t:-:::::::* cpe:2.3:h:cisco:nexus_9500_8-slot:-:::::::* cpe:2.3:a:cisco:crosswork_data_gateway:::::::: cpe:2.3:h:cisco:nexus_93240tc-fx2:-:::::::* cpe:2.3:a:cisco:prime_cable_provisioning:::::::: cpe:2.3:h:cisco:nexus_3100:-:::::::* cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:::::::: cpe:2.3:a:cisco:unified_contact_center_enterprise:-:::::::* cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:::::::: cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:::::::* cpe:2.3:h:cisco:nexus_93108tc-ex_switch:-:::::::* cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:::::::* cpe:2.3:h:cisco:nexus_92160yc_switch:-:::::::* cpe:2.3:h:cisco:nexus_92300yc:-:::::::* cpe:2.3:h:cisco:nexus_9396px:-:::::::* cpe:2.3:a:cisco:unified_contact_center_management_portal:-:::::::* cpe:2.3:o:cisco:ios_xe:::::::: cpe:2.3:h:cisco:nexus_9336pq_aci_spine_switch:-:::::::* cpe:2.3:a:cisco:ultra_cloud_core_-_serving_gateway_function:::::::: cpe:2.3:h:cisco:nexus_3524-xl:-:::::::* cpe:2.3:h:cisco:nexus_9332c:-:::::::* cpe:2.3:h:cisco:nexus_3164q:-:::::::* cpe:2.3:h:cisco:nexus_9536pq:-:::::::* cpe:2.3:h:cisco:nexus_9372px-e:-:::::::* cpe:2.3:a:cisco:ultra_cloud_core_-_session_management_function:::::::: cpe:2.3:h:cisco:nexus_3132c-z:-:::::::* cpe:2.3:o:cisco:fog_director:::::::: cpe:2.3:h:cisco:nexus_3132q-x\/3132q-xl:-:::::::* cpe:2.3:h:cisco:nexus_9396tx:-:::::::* cpe:2.3:h:cisco:nexus_9408:-:::::::* cpe:2.3:h:cisco:nexus_9372tx_switch:-:::::::* cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:::::::* cpe:2.3:h:cisco:nexus_92304qc_switch:-:::::::* cpe:2.3:h:cisco:nexus_3016q:-:::::::* cpe:2.3:h:cisco:nexus_9396tx_switch:-:::::::* cpe:2.3:h:cisco:nexus_3524-x\/xl:-:::::::* cpe:2.3:h:cisco:nexus_9372px:-:::::::*
First Time		Cisco nexus 3132q-x Cisco nexus 9236c Switch Cisco crosswork Zero Touch Provisioning Cisco nexus 3548-x\/xl Cisco unified Contact Center Domain Manager Cisco Cisco nexus 9372px-e Cisco nexus 93108tc-ex Cisco nexus 9500r Cisco nexus 9336pq Aci Spine Switch Cisco nexus 93180yc-fx-24 Cisco nexus 3500 Cisco unified Attendant Console Advanced Cisco ultra Cloud Core - Serving Gateway Function Cisco nexus 93128 Cisco nexus 9500 Supervisor A\+ Cisco nexus 3048 Cisco nexus 9300 Cisco nexus 3100v Cisco prime Network Registrar Cisco nexus 3016 Cisco nexus 3200 Cisco nexus 3132q-x\/3132q-xl Cisco unified Contact Center Management Portal Cisco nexus 9804 Cisco nexus 93180lc-ex Switch Cisco nexus 9272q Cisco data Center Network Manager Cisco nexus 93180yc-ex Switch Cisco nexus 3132c-z Cisco nexus 3100-z Cisco secure Dynamic Attributes Connector Cisco expressway Cisco nexus 3172pq-xl Cisco nexus 9516 Cisco nexus 9348gc-fx3 Cisco nexus 9316d-gx Cisco nexus 9396tx Switch Cisco nexus 3600 Cisco nexus 3524-xl Cisco ultra Cloud Core - Session Management Function Cisco secure Web Appliance Cisco nexus 3064-x Cisco nexus 9336c-fx2 Cisco nexus 31108pv-v Cisco nexus 9336pq Aci Spine Cisco nexus 3548-x Cisco nexus 3232c Cisco nexus 3064-32t Cisco nexus 9364c-gx Cisco enterprise Chat And Email Cisco nexus 3132q-xl Cisco secure Web Appliance Firmware Cisco ultra Cloud Core - Policy Control Function Cisco nexus 3232c Cisco nexus 93108tc-fx Cisco nexus 34200yc-sm Cisco nexus 9536pq Cisco nexus 92304qc Switch Cisco nexus 3524 Cisco nexus 3172tq Cisco nexus 9508 Switch Cisco ios Xe Cisco nexus 3172 Cisco nexus 92348gc-x Cisco nexus 93180yc-ex Cisco nexus 9372tx-e Switch Cisco nexus 9372px Cisco nexus 3064-t Cisco nexus 9364d-gx2a Cisco nexus 9221c Cisco nexus 3432d-s Cisco nexus 9504 Switch Cisco firepower Threat Defense Cisco nexus 3408-s Cisco nexus 9372tx Cisco nexus 93108tc-fx3h Cisco nexus 93128tx Switch Cisco nexus 93108tc-fx3p Cisco telepresence Video Communication Server Cisco nexus 93216tc-fx2 Cisco nexus 9500 Supervisor B\+ Cisco nexus 9332d-h2r Cisco ios Xr Cisco nexus 9408 Cisco nexus 9396tx Cisco unified Contact Center Enterprise - Live Data Server Cisco fog Director Cisco nexus 3548-xl Cisco nexus 93180lc-ex Cisco nexus 93120tx Cisco nexus 92304qc Cisco nexus 9396px Switch Cisco nexus 9332pq Switch Cisco unified Contact Center Enterprise Cisco nexus 9500 16-slot Cisco prime Cable Provisioning Cisco nexus 9200 Cisco nexus 9336pq Cisco nexus 92300yc Cisco nexus 3172tq-xl Cisco nexus 9500 Supervisor A Cisco nexus 3132q Cisco nexus 9364c Cisco nexus 9348d-gx2a Cisco nexus 93180yc-fx3s Cisco nexus 93120tx Switch Cisco nexus 34180yc Cisco nexus 9372tx Switch Cisco nexus 3064x Cisco nexus 93360yc-fx2 Cisco nexus 31108tc-v Cisco nexus 3636c-r Cisco nexus 31128pq Cisco nexus 92160yc Switch Cisco nexus 93108tc-ex-24 Cisco nexus 31108pc-v Cisco crosswork Data Gateway Cisco nexus 93108tc-fx-24 Cisco prime Access Registrar Cisco nexus 3524-x\/xl Cisco nexus 3064t Cisco nexus 3232 Cisco nexus 9236c Cisco nexus 3400 Cisco nexus 93108tc-ex Switch Cisco nexus 9336pq Aci Cisco nexus 3464c Cisco nexus 9508 Cisco nexus 3132q-v Cisco iot Field Network Director Cisco nexus 9432pq Cisco nexus 3172pq\/pq-xl Cisco nexus 9636pq Cisco nexus 9272q Switch Cisco nexus 9348gc-fxp Cisco connected Mobile Experiences Cisco nexus 9504 Cisco nexus 93240yc-fx2 Cisco nexus 9516 Switch Cisco nexus 93180yc-fx3h Cisco nexus 3172tq-32t Cisco nexus 9232e Cisco nexus 3100-v Cisco nexus 93600cd-gx Cisco nexus 9716d-gx Cisco nexus 92160yc-x Cisco nexus 9500 Supervisor B Cisco nexus 9396px Cisco nexus 3064 Cisco nexus 9800 Cisco secure Malware Analytics Cisco nexus 3164q Cisco nexus 3172pq Cisco nexus 9372px Switch Cisco nexus 9808 Cisco nexus 9500 8-slot Cisco nexus 93128tx Cisco nexus 3548 Cisco nexus 3264c-e Cisco nexus 9336c-fx2-e Cisco nexus 9332d-gx2b Cisco nexus 3524-x Cisco nexus 93240tc-fx2 Cisco nexus 3100 Cisco nexus 9332c Cisco nexus 9372tx-e Cisco nexus 9200yc Cisco nexus 9500 Cisco nexus 93180yc-fx3 Cisco nexus 9736pq Cisco nexus 92300yc Switch Cisco nexus 9500 4-slot Cisco nexus 9000v Cisco nexus 3264q Cisco nexus 36180yc-r Cisco nexus 93180tc-ex Cisco nx-os Cisco nexus 9372px-e Switch Cisco nexus 93180yc-ex-24 Cisco nexus 3016q Cisco nexus 9332pq Cisco nexus 93180yc-fx Cisco prime Infrastructure

20 Dec 2023, 17:55

Type	Values Removed	Values Added
References	~~() https://www.debian.org/security/2023/dsa-5570 -~~	() https://www.debian.org/security/2023/dsa-5570 - Third Party Advisory
First Time		Openresty Openresty openresty
CPE		cpe:2.3:a:openresty:openresty::::::::

02 Dec 2023, 01:15

Type	Values Removed	Values Added
References		() https://www.debian.org/security/2023/dsa-5570 -

01 Dec 2023, 14:22

25 Nov 2023, 11:15

Type	Values Removed	Values Added
References		() https://security.gentoo.org/glsa/202311-09 -

19 Nov 2023, 22:15

Type	Values Removed	Values Added
References		() https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html -

18 Nov 2023, 21:15

Type	Values Removed	Values Added
References		() https://www.debian.org/security/2023/dsa-5558 -

07 Nov 2023, 05:15

Type	Values Removed	Values Added
References	{'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/', 'name': 'FEDORA-2023-fe53e13b5b', 'tags': [], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/', 'name': 'FEDORA-2023-7b52921cae', 'tags': [], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/', 'name': 'FEDORA-2023-3f70b8d406', 'tags': [], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/', 'name': 'FEDORA-2023-0259c3f26f', 'tags': [], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/', 'name': 'FEDORA-2023-d5030c983c', 'tags': [], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/', 'name': 'FEDORA-2023-5ff7bf1dd8', 'tags': ['Mailing List'], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/', 'name': 'FEDORA-2023-e9c04d81c1', 'tags': [], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/', 'name': 'FEDORA-2023-822aab0a5a', 'tags': [], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/', 'name': 'FEDORA-2023-ed2642fd58', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/', 'name': 'FEDORA-2023-1caffb88af', 'tags': [], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/', 'name': 'FEDORA-2023-4d2fd884ea', 'tags': [], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/', 'name': 'FEDORA-2023-2a9214af5f', 'tags': [], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/', 'name': 'FEDORA-2023-dbe64661af', 'tags': [], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/', 'name': 'FEDORA-2023-17efd3f2cd', 'tags': [], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/', 'name': 'FEDORA-2023-4bf641255e', 'tags': [], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/', 'name': 'FEDORA-2023-b2c50535cb', 'tags': [], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/', 'name': 'FEDORA-2023-7934802344', 'tags': [], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/', 'name': 'FEDORA-2023-54fadada12', 'tags': ['Mailing List'], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/', 'name': 'FEDORA-2023-f66fc0f62a', 'tags': [], 'refsource': 'FEDORA'}	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ -

06 Nov 2023, 03:15

Type	Values Removed	Values Added
References		(DEBIAN) https://www.debian.org/security/2023/dsa-5549 -

06 Nov 2023, 00:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html -

03 Nov 2023, 22:15

Type	Values Removed	Values Added
References		(FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ -

03 Nov 2023, 21:15

Type	Values Removed	Values Added
References		(FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ -

03 Nov 2023, 05:15

Type	Values Removed	Values Added
References		(MISC) https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 -

31 Oct 2023, 16:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html -

31 Oct 2023, 07:15

Type	Values Removed	Values Added
References		(DEBIAN) https://www.debian.org/security/2023/dsa-5540 -

30 Oct 2023, 22:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html -

29 Oct 2023, 04:15

Type	Values Removed	Values Added
References		(FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ -

28 Oct 2023, 03:15

Type	Values Removed	Values Added
References		(FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ -

26 Oct 2023, 05:15

Type	Values Removed	Values Added
References		(FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ -

25 Oct 2023, 18:17

Type	Values Removed	Values Added
References		(FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ -

25 Oct 2023, 15:26

Type	Values Removed	Values Added
CPE		cpe:2.3:a:nodejs:node.js:::::lts:::*

24 Oct 2023, 12:58

Type	Values Removed	Values Added
First Time		Jenkins jenkins Apache solr Jenkins
References	~~(MLIST) http://www.openwall.com/lists/oss-security/2023/10/18/8 -~~	(MLIST) http://www.openwall.com/lists/oss-security/2023/10/18/8 - Mailing List, Third Party Advisory
References	~~(FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ -~~	(FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ - Mailing List
References	~~(MLIST) http://www.openwall.com/lists/oss-security/2023/10/18/4 -~~	(MLIST) http://www.openwall.com/lists/oss-security/2023/10/18/4 - Mailing List, Third Party Advisory
References	~~(MLIST) http://www.openwall.com/lists/oss-security/2023/10/19/6 -~~	(MLIST) http://www.openwall.com/lists/oss-security/2023/10/19/6 - Mailing List, Third Party Advisory
References	~~(FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ -~~	(FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ - Mailing List
References	~~(MLIST) http://www.openwall.com/lists/oss-security/2023/10/20/8 -~~	(MLIST) http://www.openwall.com/lists/oss-security/2023/10/20/8 - Mailing List
CPE	cpe:2.3:a:linkerd:linkerd:2.14.1:::::::* cpe:2.3:a:linkerd:linkerd:2.13.0:::::::* cpe:2.3:a:linkerd:linkerd:2.14.0:::::::* cpe:2.3:a:linkerd:linkerd:2.13.1:::::::* cpe:2.3:a:linkerd:linkerd::::::::	cpe:2.3:a:linkerd:linkerd:2.13.1::::stable:kubernetes::* cpe:2.3:a:linkerd:linkerd:::::stable:kubernetes:: cpe:2.3:a:linkerd:linkerd:2.14.0::::stable:kubernetes::* cpe:2.3:a:jenkins:jenkins:::::-:::* cpe:2.3:a:linkerd:linkerd:2.14.1::::stable:kubernetes::* cpe:2.3:o:fedoraproject:fedora:37:::::::* cpe:2.3:a:jenkins:jenkins:::::lts:::* cpe:2.3:a:apache:solr:::::::: cpe:2.3:a:linkerd:linkerd:2.13.0::::stable:kubernetes::*

20 Oct 2023, 21:15

Type	Values Removed	Values Added
References		(MLIST) http://www.openwall.com/lists/oss-security/2023/10/20/8 -

20 Oct 2023, 03:15

Type	Values Removed	Values Added
References		(FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ -

19 Oct 2023, 15:15

Type	Values Removed	Values Added
References		(MLIST) http://www.openwall.com/lists/oss-security/2023/10/19/6 -

19 Oct 2023, 03:15

Type	Values Removed	Values Added
References		(MLIST) http://www.openwall.com/lists/oss-security/2023/10/18/8 -

18 Oct 2023, 21:15

Type	Values Removed	Values Added
References		(MLIST) http://www.openwall.com/lists/oss-security/2023/10/18/4 -

18 Oct 2023, 17:01

18 Oct 2023, 15:20

17 Oct 2023, 01:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html -

16 Oct 2023, 19:15

Type	Values Removed	Values Added
References		(CONFIRM) https://security.netapp.com/advisory/ntap-20231016-0001/ - (MLIST) https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html -

15 Oct 2023, 19:15

Type	Values Removed	Values Added
References		(MISC) https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ -

15 Oct 2023, 04:15

Type	Values Removed	Values Added
References		(FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ -

14 Oct 2023, 01:15

Type	Values Removed	Values Added
References		(MISC) https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html - (MISC) https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ -

13 Oct 2023, 21:15

Type	Values Removed	Values Added
References		(MLIST) http://www.openwall.com/lists/oss-security/2023/10/13/9 -

13 Oct 2023, 19:32

13 Oct 2023, 16:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html -

13 Oct 2023, 00:15

Type	Values Removed	Values Added
References		(MISC) https://github.com/caddyserver/caddy/releases/tag/v2.7.5 -

12 Oct 2023, 18:15

Type	Values Removed	Values Added
References		(MISC) https://github.com/akka/akka-http/issues/4323 - (MISC) https://security.paloaltonetworks.com/CVE-2023-44487 - (MISC) https://github.com/Azure/AKS/issues/3947 - (MISC) https://github.com/Kong/kong/discussions/11741 - (MISC) https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ - (MISC) https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 - (MISC) https://github.com/openresty/openresty/issues/930 - (MISC) https://github.com/apache/apisix/issues/10320 -

11 Oct 2023, 22:15

Type	Values Removed	Values Added
References		(MISC) https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ -

11 Oct 2023, 21:15

Type	Values Removed	Values Added
References		(MISC) https://bugzilla.suse.com/show_bug.cgi?id=1216123 - (MISC) https://github.com/varnishcache/varnish-cache/issues/3996 - (MISC) https://istio.io/latest/news/security/istio-security-2023-004/ - (MISC) https://github.com/line/armeria/pull/5232 - (MISC) https://github.com/advisories/GHSA-qppj-fm5r-hxr3 - (MISC) https://ubuntu.com/security/CVE-2023-44487 - (MISC) https://github.com/apache/httpd-site/pull/10 - (MISC) https://github.com/projectcontour/contour/pull/5826 - (MISC) https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 - (MISC) https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event - (MISC) https://github.com/junkurihara/rust-rpxy/issues/97 - (MISC) https://github.com/etcd-io/etcd/issues/16740 - (MISC) https://blog.vespa.ai/cve-2023-44487/ - (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2242803 - (MISC) https://github.com/ninenines/cowboy/issues/1615 - (MISC) https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 - (MISC) https://github.com/tempesta-tech/tempesta/issues/1986 - (MISC) https://access.redhat.com/security/cve/cve-2023-44487 -

11 Oct 2023, 07:15

Type	Values Removed	Values Added
References		(MISC) https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 - (MISC) https://github.com/kazu-yamamoto/http2/issues/93 - (DEBIAN) https://www.debian.org/security/2023/dsa-5521 - (DEBIAN) https://www.debian.org/security/2023/dsa-5522 - (MISC) https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html - (MISC) https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 -

11 Oct 2023, 01:15

Type	Values Removed	Values Added
References		(MISC) https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack - (MISC) https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/ - (MISC) https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 - (MISC) https://github.com/advisories/GHSA-xpw8-rcwv-8f8p - (MISC) https://github.com/opensearch-project/data-prepper/issues/3474 - (MISC) https://news.ycombinator.com/item?id=37837043 - (MISC) https://github.com/oqtane/oqtane.framework/discussions/3367 - (MISC) https://github.com/kubernetes/kubernetes/pull/121120 - (MISC) https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 - (MISC) https://netty.io/news/2023/10/10/4-1-100-Final.html -

10 Oct 2023, 22:15

Type	Values Removed	Values Added
References		(MISC) https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 -

10 Oct 2023, 21:15

Type	Values Removed	Values Added
References	~~{'url': 'https://github.com/hyperium/hyper/issues/3337', 'name': 'https://github.com/hyperium/hyper/issues/3337', 'tags': [], 'refsource': 'MISC'}~~	(MISC) https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 - (MISC) https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected - (MISC) https://www.openwall.com/lists/oss-security/2023/10/10/6 - (MISC) https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q -

10 Oct 2023, 19:15

Type	Values Removed	Values Added
References		(MISC) https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ - (MISC) https://github.com/micrictor/http2-rst-stream - (MISC) https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ - (MISC) https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve - (MISC) https://github.com/advisories/GHSA-vx74-f528-fxqg - (MISC) https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 - (MISC) https://github.com/nodejs/node/pull/50121 - (MISC) https://bugzilla.proxmox.com/show_bug.cgi?id=4988 - (MISC) https://github.com/microsoft/CBL-Mariner/pull/6381 - (MISC) https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 - (MISC) https://github.com/apache/trafficserver/pull/10564 - (MISC) https://github.com/golang/go/issues/63417 - (MISC) https://github.com/facebook/proxygen/pull/466 - (MISC) https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 - (MISC) https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo - (MISC) https://github.com/dotnet/announcements/issues/277 - (MISC) https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf - (MISC) https://github.com/h2o/h2o/pull/3291 -

10 Oct 2023, 17:15

Type	Values Removed	Values Added
References	~~{'url': 'https://chaos.social/@icing/111210915918780532', 'name': 'https://chaos.social/@icing/111210915918780532', 'tags': [], 'refsource': 'MISC'}~~	(MISC) https://my.f5.com/manage/s/article/K000137106 - (MISC) https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 - (MISC) https://github.com/grpc/grpc-go/pull/6703 - (MISC) https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 - (MISC) https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html -

10 Oct 2023, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-10-10 14:15

Updated : 2025-04-12 01:00

NVD link : CVE-2023-44487

Mitre link : CVE-2023-44487

CVE.ORG link : CVE-2023-44487

JSON object : View

Products Affected

big-ip_fraud_protection_service
big-ip_application_visibility_and_reporting
big-ip_application_security_manager
big-ip_analytics
big-ip_carrier-grade_nat
big-ip_application_acceleration_manager
big-ip_global_traffic_manager
big-ip_next
big-ip_policy_enforcement_manager
big-ip_ddos_hybrid_defender
big-ip_webaccelerator
nginx
nginx_ingress_controller
big-ip_local_traffic_manager
big-ip_advanced_firewall_manager
big-ip_websafe
big-ip_domain_name_system
nginx_plus
big-ip_access_policy_manager
big-ip_advanced_web_application_firewall
big-ip_next_service_proxy_for_kubernetes
big-ip_ssl_orchestrator
big-ip_link_controller

redhat

openshift_pipelines
service_telemetry_framework
openshift_container_platform
decision_manager
self_node_remediation_operator
ceph_storage
ansible_automation_platform
jboss_a-mq
openshift
advanced_cluster_management_for_kubernetes
build_of_quarkus
openshift_data_science
run_once_duration_override_operator
network_observability_operator
jboss_a-mq_streams
advanced_cluster_security
machine_deletion_remediation_operator
web_terminal
process_automation
fence_agents_remediation_operator
jboss_data_grid
openshift_gitops
satellite
migration_toolkit_for_virtualization
migration_toolkit_for_containers
cryostat
openshift_developer_tools_and_services
quay
cost_management
node_maintenance_operator
cert-manager_operator_for_red_hat_openshift
service_interconnect
node_healthcheck_operator
integration_camel_for_spring_boot
certification_for_red_hat_enterprise_linux
openshift_container_platform_assisted_installer
logging_subsystem_for_red_hat_openshift
3scale_api_management_platform
openshift_service_mesh
openshift_virtualization
jboss_core_services
openshift_distributed_tracing
jboss_enterprise_application_platform
integration_service_registry
enterprise_linux
openshift_serverless
migration_toolkit_for_applications
support_for_spring_boot
openstack_platform
jboss_fuse
integration_camel_k
single_sign-on
openshift_api_for_data_protection
build_of_optaplanner
openshift_dev_spaces
openshift_sandboxed_containers
openshift_secondary_scheduler_operator

cisco

nexus_3500
nexus_3548-xl
nexus_3524-xl
nexus_93180lc-ex_switch
ultra_cloud_core_-_policy_control_function
prime_infrastructure
nexus_31108pc-v
nexus_3172tq-xl
nexus_3064
nexus_93108tc-ex-24
nexus_3172pq\/pq-xl
nexus_9372tx_switch
secure_web_appliance
expressway
nexus_9236c
nexus_9336c-fx2
nexus_9272q
unified_contact_center_domain_manager
nexus_93180yc-fx-24
nexus_93180lc-ex
nexus_9348gc-fx3
nexus_9236c_switch
nexus_9396tx
ultra_cloud_core_-_serving_gateway_function
nexus_3548-x
nexus_93108tc-fx3h
nexus_92304qc_switch
nexus_93120tx
nexus_93180yc-ex
nexus_9500_supervisor_b\+
nexus_93180yc-fx3s
nexus_9332c
nexus_34200yc-sm
nexus_3600
nexus_93108tc-ex_switch
nexus_9336pq_aci_spine_switch
ios_xe
nexus_93180yc-ex-24
nexus_9500_supervisor_b
nexus_9500
nexus_3164q
nexus_3524
nexus_3064-32t
unified_contact_center_management_portal
nexus_93180yc-fx3
prime_network_registrar
nexus_3132q-x
nexus_9336c-fx2-e
nexus_9221c
crosswork_data_gateway
unified_contact_center_enterprise_-_live_data_server
nexus_92348gc-x
nexus_92304qc
nexus_9364c-gx
nexus_9336pq_aci_spine
nexus_92300yc_switch
ios_xr
nexus_3172tq
nexus_3100-z
nexus_9372tx-e_switch
nexus_9316d-gx
nexus_3016q
nexus_3636c-r
nexus_9200
nexus_9372px
nexus_9804
nexus_93180yc-fx3h
nexus_3132q
nexus_3264q
nexus_9500r
nexus_3064x
nexus_93180tc-ex
nexus_9408
nexus_93128tx_switch
nexus_3132q-xl
nexus_3172
nexus_9372px-e
nexus_9272q_switch
nexus_9364d-gx2a
nexus_9432pq
firepower_threat_defense
nexus_3172pq-xl
nexus_3548-x\/xl
telepresence_video_communication_server
nexus_9332pq
secure_web_appliance_firmware
nexus_3400
nexus_9516_switch
prime_access_registrar
nexus_3432d-s
nexus_93360yc-fx2
nexus_93108tc-fx3p
unified_attendant_console_advanced
nexus_3408-s
nexus_9232e
nexus_9396px
iot_field_network_director
nexus_9332d-h2r
nexus_9636pq
nexus_93240tc-fx2
ultra_cloud_core_-_session_management_function
nexus_93600cd-gx
nexus_9500_16-slot
nexus_93108tc-fx
nexus_9372tx-e
nexus_3048
nexus_3232c
nexus_9808
nexus_3464c
data_center_network_manager
nexus_31108tc-v
nexus_9332pq_switch
nexus_9000v
nexus_3064-x
nexus_3132q-x\/3132q-xl
nexus_3172tq-32t
secure_malware_analytics
nexus_9372px_switch
nexus_9348d-gx2a
nx-os
enterprise_chat_and_email
nexus_9536pq
nexus_3100
nexus_3200
nexus_3548
nexus_9504_switch
nexus_3172pq
nexus_3100-v
nexus_3232
nexus_3132c-z
nexus_3132q-v
nexus_92300yc
nexus_93128tx
nexus_93108tc-ex
crosswork_zero_touch_provisioning
nexus_93180yc-ex_switch
nexus_3100v
nexus_9500_8-slot
nexus_9508
nexus_9336pq
nexus_9500_supervisor_a\+
nexus_93216tc-fx2
nexus_9516
nexus_9508_switch
nexus_9500_supervisor_a
nexus_3064t
nexus_9364c
nexus_9372tx
secure_dynamic_attributes_connector
nexus_9300
nexus_93240yc-fx2
nexus_9736pq
nexus_9200yc
nexus_9336pq_aci
connected_mobile_experiences
nexus_92160yc_switch
nexus_9348gc-fxp
nexus_3264c-e
nexus_31108pv-v
nexus_9372px-e_switch
nexus_31128pq
nexus_93108tc-fx-24
nexus_9396tx_switch
nexus_3064-t
nexus_92160yc-x
nexus_3524-x\/xl
nexus_93120tx_switch
nexus_9500_4-slot
nexus_3232c_
nexus_3016
nexus_9716d-gx
prime_cable_provisioning
nexus_9504
nexus_93180yc-fx
nexus_9332d-gx2b
fog_director
unified_contact_center_enterprise
nexus_9800
nexus_36180yc-r
nexus_34180yc
nexus_93128
nexus_9396px_switch
nexus_3524-x

microsoft

windows_10_1607
windows_10_1809
windows_server_2022
windows_server_2016
windows_10_21h2
visual_studio_2022
windows_11_22h2
windows_10_22h2
.net
asp.net_core
windows_server_2019
cbl-mariner
windows_11_21h2
azure_kubernetes_service

nodejs

node.js

apache

solr
apisix
traffic_server
tomcat

traefik

traefik

projectcontour

contour

netapp

oncommand_insight
astra_control_center

grpc

grpc

golang

http2
go
networking

fedoraproject

fedora

caddyserver

caddy

linkerd

linkerd

nghttp2

nghttp2

akka

http_server

varnish_cache_project

varnish_cache

kazu-yamamoto

http2

debian

debian_linux

istio

istio

eclipse

jetty

facebook

proxygen

netty

netty

dena

apple

swiftnio_http\/2

openresty

openresty

amazon

opensearch_data_prepper

ietf

http

linecorp

armeria

envoyproxy

envoy

konghq

kong_gateway

jenkins

jenkins

CWE

NVD-CWE-noinfo CWE-400

Uncontrolled Resource Consumption

7.5 /10