Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-44487 | 32 Akka, Amazon, Apache and 29 more | 310 Http Server, Opensearch Data Prepper, Apisix and 307 more | 2024-04-26 | N/A | 7.5 HIGH |
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | |||||
CVE-2023-5056 | 1 Redhat | 2 Enterprise Linux, Service Interconnect | 2023-12-29 | N/A | 4.1 MEDIUM |
A flaw was found in the Skupper operator, which may permit a certain configuration to create a service account that would allow an authenticated attacker in the adjacent cluster to view deployments in all namespaces in the cluster. This issue permits unauthorized viewing of information outside of the user's purview. |