17.1

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-10	CVE-2023-44487	Resource Exhaustion vulnerability in multiple products The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. network low complexity ietf nghttp2 netty envoyproxy eclipse caddyserver golang f5 apache apple grpc microsoft nodejs dena facebook amazon debian kazu-yamamoto istio varnish-cache-project traefik projectcontour linkerd linecorp redhat fedoraproject netapp akka konghq jenkins openresty cisco CWE-400	7.5
2022-05-10	CVE-2022-23267	.NET and Visual Studio Denial of Service Vulnerability network low complexity microsoft fedoraproject	7.5
2022-05-10	CVE-2022-29117	.NET and Visual Studio Denial of Service Vulnerability network low complexity microsoft fedoraproject	7.5
2022-05-10	CVE-2022-29145	.NET and Visual Studio Denial of Service Vulnerability network low complexity microsoft fedoraproject	7.5
2022-04-15	CVE-2022-24513	Unspecified vulnerability in Microsoft Visual Studio 2019 and Visual Studio 2022 Visual Studio Elevation of Privilege Vulnerability local low complexity microsoft	7.8
2020-09-15	CVE-2020-8927	Classic Buffer Overflow vulnerability in multiple products A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. network low complexity google debian fedoraproject canonical opensuse microsoft CWE-120	6.5