HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.
Metrics
Affected Vendors & Products
References
History
Thu, 08 Aug 2024 23:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:jboss_enterprise_application_platform:7.4 cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7 cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8 cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9 |
MITRE
Status: PUBLISHED
Assigner: apache
Published: 2024-04-04T19:21:41.984Z
Updated: 2024-08-02T00:34:51.356Z
Reserved: 2024-02-23T14:20:56.465Z
Link: CVE-2024-27316
Vulnrichment
Updated: 2024-08-02T00:34:51.356Z
NVD
Status : Modified
Published: 2024-04-04T20:15:08.720
Modified: 2024-11-21T09:04:18.993
Link: CVE-2024-27316
Redhat