For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

access.redhat.com/errata/RHSA-2024:1786

access.redhat.com/security/cve/CVE-2024-27316

bugzilla.redhat.com/2268277

errata.almalinux.org/8/ALSA-2024-1786.html

nessus 41

redos 1

osv 11

nvd 1

ibm 5

veracode 1

rocky 2

debiancve 1

redhat 10

almalinux 3

githubexploit 2

alpinelinux 1

fedora 3

redhatcve 1

openvas 19

oraclelinux 3

amazon 2

f5 1

cbl_mariner 1

cvelist 1

cve 1

hackerone 1

ubuntucve 1

photon 3

ubuntu 3

slackware 1

mageia 1

freebsd 1

kaspersky 1

debian 2

arista 1

thn 1

cert 1

nessus

EulerOS 2.0 SP11 : mod_http2 (EulerOS-SA-2024-1819)

2024-06-25 00:00:00

RHEL 8 : httpd:2.4/mod_http2 (RHSA-2024:1786)

2024-04-11 00:00:00

Oracle Linux 8 : httpd:2.4/mod_http2 (ELSA-2024-1786)

2024-04-13 00:00:00

redos

ROS-20240425-01

2024-04-25 00:00:00

osv

CVE-2024-27316

2024-04-04 20:15:08

Moderate: mod_http2 security update

2024-05-10 14:32:42

BIT-apache-2024-27316

2024-04-06 18:17:01

nvd

CVE-2024-27316

2024-04-04 20:15:08

ibm

Security Bulletin: IBM HTTP Server (powered by Apache) for IBM i is vulnerable to a denial of service attack using HTTP/2 protocol. [CVE-2024-27316]

2024-06-25 23:52:39

Security Bulletin: IBM Aspera Console has addressed a denial of service vulnerability (CVE-2024-27316)

2024-05-29 21:22:20

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to glibc, Golang Go , Apache HTTP, IBM GSKit-Crypto and GnuTLS packages/liberaries .

2024-05-22 09:19:09

veracode

Memory Exhaustion

2024-04-10 19:25:29

rocky

httpd:2.4/mod_http2 security update

2024-05-06 13:04:21

mod_http2 security update

2024-05-10 14:32:42

debiancve

CVE-2024-27316

2024-04-04 20:15:08

redhat

(RHSA-2024:1872) Important: mod_http2 security update

2024-04-18 00:58:11

(RHSA-2024:1786) Important: httpd:2.4/mod_http2 security update

2024-04-11 15:27:17

(RHSA-2024:2907) Moderate: httpd:2.4 security update

2024-05-20 01:02:25

almalinux

Moderate: mod_http2 security update

2024-04-30 00:00:00

Important: mod_http2 security update

2024-04-18 00:00:00

Important: httpd:2.4/mod_http2 security update

2024-04-11 00:00:00

githubexploit

Exploit for Allocation of Resources Without Limits or Throttling in Apache Http Server

2024-04-17 20:08:05

Exploit for Allocation of Resources Without Limits or Throttling in Apache Http Server

2024-04-09 08:08:07

alpinelinux

CVE-2024-27316

2024-04-04 20:15:08

fedora

[SECURITY] Fedora 40 Update: mod_http2-2.0.27-1.fc40

2024-04-21 01:08:56

[SECURITY] Fedora 38 Update: mod_http2-2.0.27-1.fc38

2024-04-21 02:57:21

[SECURITY] Fedora 39 Update: mod_http2-2.0.27-1.fc39

2024-04-21 01:20:22

redhatcve

CVE-2024-27316

2024-04-03 19:27:03

openvas

Fedora: Security Advisory for mod_http2 (FEDORA-2024-528301bac2)

2024-05-27 00:00:00

Huawei EulerOS: Security Advisory for mod_http2 (EulerOS-SA-2024-1840)

2024-06-25 00:00:00

Fedora: Security Advisory for mod_http2 (FEDORA-2024-4812897dd1)

2024-05-27 00:00:00

oraclelinux

mod_http2 security update

2024-05-07 00:00:00

httpd:2.4/mod_http2 security update

2024-04-11 00:00:00

mod_http2 security update

2024-04-18 00:00:00

amazon

Important: httpd24

2024-04-25 16:04:00

Important: mod_http2

2024-04-24 22:15:00

K000139214 : Apache httpd vulnerability CVE-2024-27316

2024-04-08 00:00:00

cbl_mariner

CVE-2024-27316 affecting package httpd for versions less than 2.4.59-1

2024-05-06 17:48:02

cvelist

CVE-2024-27316 Apache HTTP Server: HTTP/2 DoS by memory exhaustion on endless continuation frames

2024-04-04 19:21:41

cve

CVE-2024-27316

2024-04-04 20:15:08

hackerone

Internet Bug Bounty: Apache HTTP Server: HTTP/2 DoS by memory exhaustion on endless continuation frames

2024-04-08 20:33:40

ubuntucve

CVE-2024-27316

2024-03-27 00:00:00

photon

Important Photon OS Security Update - PHSA-2024-3.0-0748

2024-04-11 00:00:00

Important Photon OS Security Update - PHSA-2024-5.0-0242

2024-04-10 00:00:00

Important Photon OS Security Update - PHSA-2024-4.0-0591

2024-04-11 00:00:00

ubuntu

Apache HTTP Server vulnerabilities

2024-04-17 00:00:00

Apache HTTP Server vulnerabilities

2024-04-11 00:00:00

Apache HTTP Server vulnerabilities

2024-04-29 00:00:00

slackware

[slackware-security] httpd

2024-04-04 19:16:44

mageia

Updated apache packages fix security vulnerabilities

2024-04-10 07:03:52

freebsd

Apache httpd -- multiple vulnerabilities

2024-04-04 00:00:00

kaspersky

KLA65470 Multiple vulnerabilities in Apache HTTP Server

2024-04-04 00:00:00

debian

[SECURITY] [DLA 3818-1] apache2 security update

2024-05-25 11:06:45

[SECURITY] [DSA 5662-1] apache2 security update

2024-04-16 18:32:07

arista

Security Advisory 0094

2024-04-05 00:00:00

thn

New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks

2024-04-04 11:15:00

cert

HTTP/2 CONTINUATION frames can be utilized for DoS attacks

2024-04-03 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.4 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

75.5%

JSON

Related for OSV:ALSA-2024:1786