Lucene search
Veracode Vulnerability DatabaseVERACODE:46194HistoryApr 04, 2024 - 5:00 a.m.
Denial Of Service (DoS)
2024-04-0405:00:45
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
vulnerability
memory exhaustion
http/2
amphp/http-client is vulnerable to Denial Of Service. The vulnerability is due to unbounded buffering of HTTP/2 CONTINUATION frames until the END_HEADERS flag is received, which results in a memory exhaustion crash.
| CPE | Name | Operator | Version |
|---|---|---|---|
| amphp/http-client | le | v4.0.0 | |
| amphp/http | le | v2.1.0 | |
| amphp/http | le | v1.7.2 | |
| amphp/http-client | le | v4.0.0 | |
| amphp/http | le | v2.1.0 | |
| amphp/http | le | v1.7.2 |
Related
redhatcve
redhatcve
CVE-2024-2653
2024-04-03 19:26:54
friendsofphp
friendsofphp
Denial of Service via HTTP/2 CONTINUATION Frames
1970-01-01 00:00:00
Denial of Service via HTTP/2 CONTINUATION Frames
1970-01-01 00:00:00
osv
osv
AMPHP Denial of Service via HTTP/2 CONTINUATION Frames
2024-04-03 18:06:45
cvelist
cvelist
CVE-2024-2653 CVE-2024-2653
2024-04-03 17:18:29
nvd
nvd
CVE-2024-2653
2024-04-03 18:15:07
gitlab
gitlab
AMPHP Denial of Service via HTTP/2 CONTINUATION Frames
2024-04-03 00:00:00
AMPHP Denial of Service via HTTP/2 CONTINUATION Frames
2024-04-03 00:00:00
f5
f5
K000139227 : amphp/http vulnerability CVE-2024-2653
2024-04-09 00:00:00
cve
cve
CVE-2024-2653
2024-04-03 18:15:07
github
github
AMPHP Denial of Service via HTTP/2 CONTINUATION Frames
2024-04-03 18:06:45
arista
arista
Security Advisory 0094
2024-04-05 00:00:00
thn
thn
New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks
2024-04-04 11:15:00
cert
cert
HTTP/2 CONTINUATION frames can be utilized for DoS attacks
2024-04-03 00:00:00