| CVE-2023-44487 |
high |
7.5 |
10.0 |
|
|
|
3y ago |
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. |
| CVE-2026-39821 |
critical |
9.6 |
9.6 |
|
|
|
8d ago |
The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode("xn--example-.com") incorrectly returns the name "example.com… |
| CVE-2023-45288 |
high |
— |
8.0 |
|
|
|
2y ago |
RHSA-2024:3346: git-lfs security update (Important) |
| CVE-2019-9514 |
high |
— |
8.0 |
|
|
|
4y ago |
RHSA-2019:4273: container-tools:1.0 security update (Important) |
| CVE-2019-9512 |
high |
— |
8.0 |
|
|
|
4y ago |
RHSA-2019:4273: container-tools:1.0 security update (Important) |
| CVE-2021-44716 |
high |
— |
8.0 |
|
|
|
5y ago |
RHSA-2022:0001: grafana security update (Important) |
| CVE-2026-33814 |
high |
7.5 |
7.5 |
|
|
|
23d ago |
When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0. |