Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8
CVE-2019-9511
- EPSS 13.95%
- Published 13.08.2019 21:15:12
- Last modified 14.01.2025 19:29:55
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. T...
8.3
CVE-2019-9900
- EPSS 0.04%
- Published 25.04.2019 15:29:01
- Last modified 21.11.2024 04:52:32
When parsing HTTP/1.x header values, Envoy 1.9.0 and before does not reject embedded zero characters (NUL, ASCII 0x0). This allows remote attackers crafting header values containing embedded NUL characters to potentially bypass header matching rules,...