VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Redhat
>
Quay
> High
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2023-10-10
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
network
low complexity
ietf
nghttp2
netty
envoyproxy
eclipse
caddyserver
golang
f5
apache
apple
grpc
microsoft
nodejs
dena
facebook
amazon
debian
kazu-yamamoto
istio
varnish-cache-project
traefik
projectcontour
linkerd
linecorp
redhat
fedoraproject
netapp
akka
konghq
jenkins
openresty
cisco
7.5
7.5
2022-09-09
CVE-2020-10735
Incorrect Type Conversion or Cast vulnerability in multiple products
A flaw was found in python.
network
low complexity
python
redhat
fedoraproject
CWE-704
7.5
7.5
2022-04-29
CVE-2022-1227
Improper Privilege Management vulnerability in multiple products
A privilege escalation flaw was found in Podman.
network
low complexity
podman-project
psgo-project
redhat
fedoraproject
CWE-269
8.8
8.8
2019-08-13
CVE-2019-9518
Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service.
network
low complexity
apple
apache
canonical
debian
synology
fedoraproject
opensuse
redhat
oracle
mcafee
nodejs
CWE-770
7.5
7.5
2019-08-13
CVE-2019-9517
Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service.
network
low complexity
apple
apache
canonical
debian
synology
fedoraproject
opensuse
redhat
oracle
mcafee
netapp
nodejs
CWE-770
7.5
7.5
2019-08-13
CVE-2019-9515
Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service.
network
low complexity
apple
apache
canonical
debian
synology
fedoraproject
opensuse
redhat
oracle
mcafee
f5
nodejs
CWE-770
7.5
7.5
2019-08-13
CVE-2019-9514
Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service.
network
low complexity
apple
apache
debian
canonical
synology
fedoraproject
opensuse
redhat
oracle
mcafee
netapp
f5
nodejs
CWE-770
7.5
7.5
2019-08-13
CVE-2019-9513
Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service.
network
low complexity
apple
apache
canonical
debian
fedoraproject
synology
opensuse
redhat
oracle
mcafee
f5
nodejs
7.5
7.5
2019-08-13
CVE-2019-9511
Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service.
network
low complexity
apple
apache
canonical
debian
synology
fedoraproject
opensuse
redhat
oracle
mcafee
f5
nodejs
CWE-770
7.5
7.5