vulnerability
SUSE: CVE-2024-27316: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | 04/04/2024 | 05/14/2024 | 01/28/2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
04/04/2024
Added
05/14/2024
Modified
01/28/2025
Description
HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.
Solution(s)
suse-upgrade-apache2suse-upgrade-apache2-develsuse-upgrade-apache2-docsuse-upgrade-apache2-eventsuse-upgrade-apache2-example-pagessuse-upgrade-apache2-manualsuse-upgrade-apache2-preforksuse-upgrade-apache2-tls13suse-upgrade-apache2-tls13-develsuse-upgrade-apache2-tls13-docsuse-upgrade-apache2-tls13-example-pagessuse-upgrade-apache2-tls13-preforksuse-upgrade-apache2-tls13-utilssuse-upgrade-apache2-tls13-workersuse-upgrade-apache2-utilssuse-upgrade-apache2-worker
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.