CVE-2026-28898
- EPSS 0.19%
- Veröffentlicht 25.06.2026 18:36:54
- Zuletzt bearbeitet 30.06.2026 18:20:11
swift-nio-http2's HTTP/2-to-HTTP/1.1 codec did not validate pseudo-header values for control characters before placing them into the translated HTTP/1.1 message. swift-nio-http2 1.44.1 adds validation of all pseudo-header values (:path, :authority, :...
CVE-2022-0618
- EPSS 1.28%
- Veröffentlicht 10.03.2022 17:44:56
- Zuletzt bearbeitet 21.11.2024 06:39:02
A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This vulnerability is caused by a logical error when parsing a HTTP/2 HEADERS or HTTP/2 PUSH_PROMISE frame...
CVE-2022-24666
- EPSS 1.35%
- Veröffentlicht 09.02.2022 23:15:20
- Zuletzt bearbeitet 21.11.2024 06:50:49
A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. This vulnerability is caused by a l...
CVE-2022-24667
- EPSS 1.12%
- Veröffentlicht 09.02.2022 23:15:20
- Zuletzt bearbeitet 21.11.2024 06:50:49
A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HPACK-encoded header block. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. There are a number of...
CVE-2022-24668
- EPSS 1.12%
- Veröffentlicht 09.02.2022 23:15:20
- Zuletzt bearbeitet 21.11.2024 06:50:49
A program using swift-nio-http2 is vulnerable to a denial of service attack caused by a network peer sending ALTSVC or ORIGIN frames. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. This vulnerability is caused by a logical err...