vulnerability
Ubuntu: (Multiple Advisories) (CVE-2023-44487): .NET vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Oct 10, 2023 | Oct 11, 2023 | Apr 16, 2026 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Oct 10, 2023
Added
Oct 11, 2023
Modified
Apr 16, 2026
Description
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Solutions
ubuntu-pro-upgrade-h2oubuntu-pro-upgrade-haproxyubuntu-pro-upgrade-libh2o0-13ubuntu-pro-upgrade-libnghttp2-14ubuntu-pro-upgrade-libnode-devubuntu-pro-upgrade-libnode64ubuntu-pro-upgrade-libnode72ubuntu-pro-upgrade-libtomcat8-embed-javaubuntu-pro-upgrade-libtomcat8-javaubuntu-pro-upgrade-nghttp2ubuntu-pro-upgrade-nghttp2-clientubuntu-pro-upgrade-nghttp2-proxyubuntu-pro-upgrade-nghttp2-serverubuntu-pro-upgrade-nodejsubuntu-pro-upgrade-nodejs-devubuntu-pro-upgrade-tomcat8ubuntu-pro-upgrade-tomcat9-commonubuntu-pro-upgrade-trafficserverubuntu-pro-upgrade-trafficserver-devubuntu-upgrade-aspnetcore-runtime-6-0ubuntu-upgrade-aspnetcore-runtime-7-0ubuntu-upgrade-aspnetcore-runtime-8-0ubuntu-upgrade-dotnet-hostubuntu-upgrade-dotnet-host-7-0ubuntu-upgrade-dotnet-host-8-0ubuntu-upgrade-dotnet-hostfxr-6-0ubuntu-upgrade-dotnet-hostfxr-7-0ubuntu-upgrade-dotnet-hostfxr-8-0ubuntu-upgrade-dotnet-runtime-6-0ubuntu-upgrade-dotnet-runtime-7-0ubuntu-upgrade-dotnet-runtime-8-0ubuntu-upgrade-dotnet-sdk-6-0ubuntu-upgrade-dotnet-sdk-7-0ubuntu-upgrade-dotnet-sdk-8-0ubuntu-upgrade-dotnet6ubuntu-upgrade-dotnet7ubuntu-upgrade-dotnet8ubuntu-upgrade-golang-1-20ubuntu-upgrade-golang-1-20-goubuntu-upgrade-golang-1-20-srcubuntu-upgrade-golang-1-21ubuntu-upgrade-golang-1-21-goubuntu-upgrade-golang-1-21-srcubuntu-upgrade-libnetty-javaubuntu-upgrade-libnghttp2-14ubuntu-upgrade-nghttp2ubuntu-upgrade-nghttp2-clientubuntu-upgrade-nghttp2-proxyubuntu-upgrade-nghttp2-serverubuntu-upgrade-tomcat9-common
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.