Search CVE reports
Some fixes available 2 of 24
A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to...
5 affected packages
dnsdist, h2o, haproxy, lighttpd, varnish
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| dnsdist | Not affected | Fixed | Not affected | Not affected | Not affected |
| h2o | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| haproxy | Not affected | Not affected | Not affected | Not affected | Not affected |
| lighttpd | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| varnish | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |

Some fixes available 2 of 4
In some circumstances, when DNSdist is configured to allow an unlimited number of queries on a single, incoming TCP connection from a client, an attacker can cause a denial of service by crafting a TCP exchange that triggers an...
1 affected package
dnsdist
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| dnsdist | Not affected | Fixed | Fixed | Not affected | Not affected |

When DNSdist is configured to provide DoH via the nghttp2 provider, an attacker can cause a denial of service by crafting a DoH exchange that triggers an illegal memory access (double-free) and crash of DNSdist, causing a denial...
1 affected package
dnsdist
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| dnsdist | — | Not affected | Not affected | Not affected | Not affected |

When incoming DNS over HTTPS support is enabled using the nghttp2 provider, and queries are routed to a tcp-only or DNS over TLS backend, an attacker can trigger an assertion failure in DNSdist by sending a request for a...
1 affected package
dnsdist
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| dnsdist | — | Not affected | Not affected | Not affected | Not affected |

Some fixes available 33 of 46
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
14 affected packages
dnsdist, dotnet6, dotnet7, dotnet8, h2o...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| dnsdist | Not affected | Not affected | Fixed | Not affected | Not affected |
| dotnet6 | Not in release | Not in release | Fixed | Not in release | Not in release |
| dotnet7 | Not in release | Not in release | Fixed | Not in release | Not in release |
| dotnet8 | Not in release | Fixed | Not affected | Not in release | Not in release |
| h2o | Not in release | Not affected | Fixed | Fixed | Fixed |
| haproxy | Not affected | Not affected | Not affected | Not affected | Fixed |
| netty | Not affected | Not affected | Fixed | Fixed | Not affected |
| nghttp2 | Not affected | Not affected | Fixed | Fixed | Fixed |
| nginx | Not affected | Not affected | Not affected | Not affected | Not affected |
| nodejs | Not affected | Not affected | Fixed | Fixed | Fixed |
| tomcat10 | Not affected | Not affected | Not in release | Not in release | Ignored |
| tomcat8 | Not in release | Not in release | Not in release | Not in release | Fixed |
| tomcat9 | Not affected | Not affected | Fixed | Fixed | Fixed |
| trafficserver | Not in release | Not affected | Fixed | Fixed | Not affected |

FreeBSD NSD before 3.2.13 allows remote attackers to crash a NSD child server process (SIGSEGV) and cause a denial of service in the NSD server.
2 affected packages
nsd, nsd3
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| nsd | — | — | — | — | — |
| nsd3 | — | — | — | — | — |

The set_ipv6() function in zscan_rfc1035.rl in gdnsd before 2.4.3 and 3.x before 3.2.1 has a stack-based buffer overflow via a long and malformed IPv6 address in zone data.
1 affected package
gdnsd
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| gdnsd | Not affected | Not affected | Not in release | Vulnerable | Vulnerable |

The set_ipv4() function in zscan_rfc1035.rl in gdnsd 3.x before 3.2.1 has a stack-based buffer overflow via a long and malformed IPv4 address in zone data.
1 affected package
gdnsd
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| gdnsd | — | — | — | — | Not affected |

nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer Overflow in the dname_concatenate() function in dname.c.
1 affected package
nsd
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| nsd | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |

An issue has been found in PowerDNS DNSDist before 1.3.3 allowing a remote attacker to craft a DNS query with trailing data such that the addition of a record by dnsdist, for example an OPT record when adding EDNS Client Subnet,...
1 affected package
dnsdist
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| dnsdist | Not affected | Not affected | Not affected | Not affected | Vulnerable |