Search CVE reports

Toggle filters

31 – 34 of 34 results

CVE-2023-44487

High priority

Some fixes available 33 of 46

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

14 affected packages

dnsdist, dotnet6, dotnet7, dotnet8, h2o...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
dnsdist Not affected Not affected Fixed Not affected Not affected
dotnet6 Not in release Not in release Fixed Not in release Not in release
dotnet7 Not in release Not in release Fixed Not in release Not in release
dotnet8 Not in release Fixed Not affected Not in release Not in release
h2o Not in release Not affected Fixed Fixed Fixed
haproxy Not affected Not affected Not affected Not affected Fixed
netty Not affected Not affected Fixed Fixed Not affected
nghttp2 Not affected Not affected Fixed Fixed Fixed
nginx Not affected Not affected Not affected Not affected Not affected
nodejs Not affected Not affected Fixed Fixed Fixed
tomcat10 Not affected Not affected Not in release Not in release Ignored
tomcat8 Not in release Not in release Not in release Not in release Fixed
tomcat9 Not affected Not affected Fixed Fixed Fixed
trafficserver Not in release Not affected Fixed Fixed Not affected
Show all 14 packages Show less packages

CVE-2018-14663

Medium priority
Vulnerable

An issue has been found in PowerDNS DNSDist before 1.3.3 allowing a remote attacker to craft a DNS query with trailing data such that the addition of a record by dnsdist, for example an OPT record when adding EDNS Client Subnet,...

1 affected package

dnsdist

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
dnsdist Not affected Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2016-7069

Medium priority
Ignored

An issue has been found in dnsdist before 1.2.0 in the way EDNS0 OPT records are handled when parsing responses from a backend. When dnsdist is configured to add EDNS Client Subnet to a query, the response may contain an EDNS0 OPT...

1 affected package

dnsdist

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
dnsdist Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2017-7557

Medium priority
Ignored

dnsdist version 1.1.0 is vulnerable to a flaw in authentication mechanism for REST API potentially allowing CSRF attack.

1 affected package

dnsdist

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
dnsdist Not affected Not affected Not affected Not affected Not affected
Show less packages
  1. Previous page
  2. 1
  3. 2
  4. 3
  5. 4
  6. Next page
Export to JSON