An issue was discovered in hyper v0.13.7. h2-0.2.4 Stream stacking occurs when the H2 component processes HTTP2 RST_STREAM frames. As a result, the memory and CPU usage are high which can lead to a Denial of Service (DoS).
References
Configurations
Configuration 1 (hide)
|
History
07 Nov 2023, 04:09
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
18 May 2023, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 May 2023, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
18 Apr 2023, 18:39
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://github.com/hyperium/hyper/issues/2877 - Exploit, Issue Tracking | |
First Time |
Hyper h2
Hyper Hyper hyper |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CWE | CWE-770 | |
CPE | cpe:2.3:a:hyper:h2:0.2.4:*:*:*:*:rust:*:* cpe:2.3:a:hyper:hyper:0.13.7:*:*:*:*:rust:*:* |
11 Apr 2023, 17:21
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-04-11 14:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-26964
Mitre link : CVE-2023-26964
CVE.ORG link : CVE-2023-26964
JSON object : View
Products Affected
hyper
- h2
- hyper
CWE
CWE-770
Allocation of Resources Without Limits or Throttling