CBL MarinerCBLMARINER:39520

HistorySep 19, 2024 - 9:11 a.m.

Vulners
/
Cbl Mariner
/
CVE-2024-28182 affecting package rust for versions less than 1.68.0-1

CVE-2024-28182 affecting package rust for versions less than 1.68.0-1

2024-09-1909:11:58

CBL Mariner

security patch available

unix

version 1.68.0-1

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

AI Score

5.8

Confidence

High

JSON

CVE-2024-28182 affecting package rust for versions less than 1.68.0-1. A patched version of the package is available.

OSVersionArchitecturePackageVersionFilename
CBL-Mariner2.0allrust< 1.68.0-1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
CBL-Mariner	2.0	all	rust	< 1.68.0-1	UNKNOWN

openvas 27

cgr 1

nessus 71

cbl_mariner 4

redhat 25

redhatcve 1

fedora 3

almalinux 7

oraclelinux 7

osv 18

mageia 1

veracode 1

debiancve 1

cve 1

cvelist 1

vulnrichment 1

amazon 2

nvd 1

ubuntucve 1

debian 1

redos 1

wolfi 1

slackware 1

rocky 6

f5 1

alpinelinux 1

ibm 4

gentoo 1

ubuntu 2

photon 2

githubexploit 1

arista 1

cert 1

thn 1

openvas

Slackware: Security Advisory (SSA:2024-095-02)

2024-04-05 00:00:00

Huawei EulerOS: Security Advisory for nghttp2 (EulerOS-SA-2024-2124)

2024-08-20 00:00:00

Huawei EulerOS: Security Advisory for nghttp2 (EulerOS-SA-2024-2043)

2024-07-22 00:00:00

cgr

CVE-2024-28182 vulnerabilities

2024-05-19 03:07:16

nessus

Slackware Linux 15.0 / current nghttp2 Vulnerability (SSA:2024-095-02)

2024-04-04 00:00:00

RHEL 8 : nghttp2 (RHSA-2024:4252)

2024-07-02 00:00:00

Debian dla-3804 : libnghttp2-14 - security update

2024-04-30 00:00:00

cbl_mariner

CVE-2024-28182 affecting package nghttp2 for versions less than 1.61.0-1

2024-08-14 20:43:58

CVE-2024-28182 affecting package nodejs for versions less than 20.14.0-1

2024-06-21 09:32:44

CVE-2024-28182 affecting package nodejs18 for versions less than 18.20.3-1

2024-07-10 19:52:59

redhat

(RHSA-2024:3763) Moderate: nghttp2 security update

2024-06-10 14:09:03

(RHSA-2024:4252) Moderate: nghttp2 security update

2024-07-02 13:56:39

(RHSA-2024:4576) Moderate: nghttp2 security update

2024-07-16 15:30:14

redhatcve

CVE-2024-28182

2024-04-03 19:27:34

fedora

[SECURITY] Fedora 39 Update: nghttp2-1.55.1-5.fc39

2024-04-20 01:03:28

[SECURITY] Fedora 38 Update: nghttp2-1.52.0-3.fc38

2024-04-20 02:14:40

[SECURITY] Fedora 40 Update: nghttp2-1.59.0-3.fc40

2024-04-19 21:41:43

almalinux

Moderate: nghttp2 security update

2024-07-02 00:00:00

Moderate: nghttp2 security update

2024-05-30 00:00:00

Important: nodejs:20 security update

2024-05-15 00:00:00

oraclelinux

nghttp2 security update

2024-06-20 00:00:00

nghttp2 security update

2024-07-02 00:00:00

nodejs security update

2024-05-22 00:00:00

osv

Moderate: nghttp2 security update

2024-05-30 00:00:00

nghttp2 - security update

2024-04-30 00:00:00

CGA-3396-g349-3rv6

2024-06-06 12:21:45

mageia

Updated nghttp2 packages fix security vulnerability

2024-04-17 05:13:57

veracode

Denial Of Service (DoS)

2024-04-05 10:02:12

debiancve

CVE-2024-28182

2024-04-04 15:15:38

cve

CVE-2024-28182

2024-04-04 15:15:38

cvelist

CVE-2024-28182 Reading unbounded number of HTTP/2 CONTINUATION frames to cause excessive CPU usage

2024-04-04 14:41:36

vulnrichment

CVE-2024-28182 Reading unbounded number of HTTP/2 CONTINUATION frames to cause excessive CPU usage

2024-04-04 14:41:36

amazon

Important: nghttp2

2024-04-24 22:15:00

Important: nghttp2

2024-05-09 17:43:00

nvd

CVE-2024-28182

2024-04-04 15:15:38

ubuntucve

CVE-2024-28182

2024-04-04 00:00:00

debian

[SECURITY] [DLA 3804-1] nghttp2 security update

2024-04-30 21:29:26

redos

ROS-20240507-08

2024-05-07 00:00:00

wolfi

CVE-2024-28182 vulnerabilities

2024-09-19 09:11:50

slackware

[slackware-security] nghttp2

2024-04-04 19:17:04

rocky

nghttp2 security update

2024-06-14 14:00:33

nodejs:18 security update

2024-05-09 18:51:51

nodejs:18 security update

2024-05-09 18:50:42

K000139225: nghttp2 vulnerability CVE-2024-28182

2024-04-10 00:00:00

alpinelinux

CVE-2024-28182

2024-04-04 15:15:38

ibm

Security Bulletin: IBM DataPower Gateway vulnerable to DoS due to use of nghttp2 (CVE-2024-28182)

2024-07-09 15:27:56

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from Golang Go http2 and nghttp2

2024-08-08 09:45:01

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues

2024-08-08 17:29:08

gentoo

nghttp2: Multiple Vulnerabilities

2024-08-07 00:00:00

ubuntu

nghttp2 vulnerabilities

2024-04-25 00:00:00

nghttp2 vulnerability

2024-05-07 00:00:00

photon

Important Photon OS Security Update - PHSA-2024-5.0-0242

2024-04-10 00:00:00

Important Photon OS Security Update - PHSA-2024-4.0-0591

2024-04-11 00:00:00

githubexploit

Exploit for Allocation of Resources Without Limits or Throttling in Apache Http Server

2024-04-09 08:08:07

arista

Security Advisory 0094

2024-04-03 00:00:00

cert

HTTP/2 CONTINUATION frames can be utilized for DoS attacks

2024-04-03 00:00:00

thn

New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks

2024-04-04 11:15:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

AI Score

5.8

Confidence

High

JSON

Related for CBLMARINER:39520