VulnerableCode Package Details - pkg:rpm/redhat/jbcs-httpd24-mod

Search for packages

Vulnerability	Summary	Fixed by
VCID-2e6w-fs4j-17g9 Aliases: CVE-2024-27316	HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.	There are no reported fixed by versions.
VCID-2szj-xvgq-pkfr Aliases: CVE-2024-2379	curl: QUIC certificate check bypass with wolfSSL	There are no reported fixed by versions.
VCID-2vwu-y316-gbb2 Aliases: CVE-2024-2466	Multiple vulnerabilities have been discovered in curl, the worst of which could lead to information disclosure.	There are no reported fixed by versions.
VCID-94sx-qnsn-5ucm Aliases: CVE-2024-28182	Multiple vulnerabilities have been discovered in nghttp2, the worst of which could lead to a denial of service.	There are no reported fixed by versions.
VCID-tha5-fv3w-sub6 Aliases: CVE-2024-2004	Multiple vulnerabilities have been discovered in curl, the worst of which could lead to information disclosure.	There are no reported fixed by versions.
VCID-u4bx-xqb3-vuef Aliases: CVE-2024-2398	Multiple vulnerabilities have been discovered in curl, the worst of which could lead to information disclosure.	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-2e6w-fs4j-17g9
Aliases:
CVE-2024-27316

HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.