ID

VAR-202310-0175


CVE

CVE-2023-44487


TITLE

Red Hat Security Advisory 2023-6286-01

Trust: 0.1

sources: PACKETSTORM: 175500

DESCRIPTION

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale. Data Grid 7.3.11 replaces Data Grid 7.3.10 and includes bug fixes and enhancements. Find out more about Data Grid 7.3.11 in the Release Notes [3]. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5549-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff November 05, 2023 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : trafficserver CVE ID : CVE-2022-47185 CVE-2023-33934 CVE-2023-39456 CVE-2023-41752 CVE-2023-44487 Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in denial of service or information disclosure. For the oldstable distribution (bullseye), these problems have been fixed in version 8.1.9+ds-1~deb11u1. For the stable distribution (bookworm), these problems have been fixed in version 9.2.3+ds-1+deb12u1. We recommend that you upgrade your trafficserver packages. For the detailed security status of trafficserver please refer to its security tracker page at: https://security-tracker.debian.org/tracker/trafficserver Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmVH8qoACgkQEMKTtsN8 TjbxOhAAkZMjvXgCcE1d9hO03bcOOVEU8dm3D7POoeIVqmZlgHRH6Q7xh1E3ER+C dl2Nix0Y+8KiCP9JjL6K9yzNcMpmeQ1M6QYD8HJxyj/ihVpWv+SMrdelVyYG5BPM ClWLHzNk6oQm3fMWE//EXm6vxoXOust61gTjhjozV7D1VvWYvLdDt/w59I+wHHc2 XIJ9gVakNvVrmdB2ItEwrYmPrRA6uECB3ag3xP4Wh1H9SkwVgcbBW6ZrgmPAjVQO UTxdCYJuoWkYavr6bolxUG833DfnJRPk9mZJVCdvX4FJnNI6Mp/XGWQ0KNx8K2Xj u6bG//dTJ948q0i5c4thWlCuKkalpZAJ3KxcFyZo6Io1QjCaSN49Rj1agCuiJp4r nmbh0GAlebvOypuiOZieJEEbTIhJpgF1hCLS2jy/Eo8qLP7Iodvr2US7JNwVEirj v0GZx9w9uyFYKfNgRDlJDdaJsmi+2YfbXO4uxp8rFNUY3acL/P8mTsMJohiWjNuH q+/hY7egr7igRPSe+zl2m/tpx1zlPxH761qMqdTVNwztE4t09vW4crPrQ8siwmC1 0HCyGef7R8eNqlODCwpeG1wC+DXHzx00FWUG1r24lNGf7koFnsuALJBPGRptbHqm v6z+piRi8deQNb1vCsQXBzsXjVrK+i/MAAjNixnvTJ9BnVh2ZPY= =gKYQ -----END PGP SIGNATURE----- . It releases an updated versions of the Kernel Module Management bringing it to v1.1.2 As part of this it updates the following container images that constitute the Kernel Module Management Operator: kernel-module-management-signing kernel-module-management-operator kernel-module-management-worker kernel-module-management-hub-operator kernel-module-management-must-gather kernel-module-management-hub-operator-bundle kernel-module-management-operator-bundle Description: kernel module management is Red Hat's operator designed to load and manage out-of-tree kernel modules and device plugins for Red Hat OpenShift Container Platform. Description: Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Description: Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. The following data is constructed from data provided by Red Hat's json file at: https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5902.json Red Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment. - Packet Storm Staff ==================================================================== Red Hat Security Advisory Synopsis: Important: OpenShift Container Platform 4.13.18 security update Advisory ID: RHSA-2023:5902-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2023:5902 Issue date: 2023-10-24 Revision: 01 CVE Names: CVE-2023-44487 ==================================================================== Summary: Red Hat OpenShift Container Platform release 4.13.18 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13018. See the following advisory for the RPM packages for this release: https://access.redhat.com/errata/RHBA-2023:5905 Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes: https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-13-release-notes.html Security Fix(es): * HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. All OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.13/updating/updating-cluster-cli.html Solution: https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags https://docs.openshift.com/container-platform/4.13/updating/updating-cluster-cli.html https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-12-release-notes.html CVEs: CVE-2023-44487 References: https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-12-release-notes.html . Description: .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET 6.0 to SDK 6.0.123 and Runtime 6.0.23. ========================================================================== Ubuntu Security Notice USN-6994-1 September 05, 2024 netty vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS Summary: Several security issues were fixed in Netty. Software Description: - netty: Java NIO client/server socket framework Details: It was discovered that Netty did not properly sanitize its input parameters. A remote attacker could possibly use this issue to cause a crash. (CVE-2023-34462) It was discovered that Netty incorrectly handled request cancellation. A remote attacker could possibly use this issue to cause Netty to consume resources, leading to a denial of service. (CVE-2023-44487) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS libnetty-java 1:4.1.48-4+deb11u2build0.22.04.1 In general, a standard system update will make all the necessary changes

Trust: 1.8

sources: NVD: CVE-2023-44487 // PACKETSTORM: 175500 // PACKETSTORM: 175650 // PACKETSTORM: 175756 // PACKETSTORM: 177716 // PACKETSTORM: 175348 // PACKETSTORM: 175290 // PACKETSTORM: 175281 // PACKETSTORM: 175389 // PACKETSTORM: 175159 // PACKETSTORM: 181430

AFFECTED PRODUCTS

vendor:f5model:big-ip ssl orchestratorscope:gteversion:13.1.0

Trust: 1.0

vendor:golangmodel:http2scope:ltversion:0.17.0

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:10.3\(5\)

Trust: 1.0

vendor:apachemodel:traffic serverscope:ltversion:8.1.9

Trust: 1.0

vendor:ciscomodel:crosswork data gatewayscope:ltversion:4.1.3

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:gteversion:14.1.0

Trust: 1.0

vendor:ciscomodel:unified attendant console advancedscope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows server 2019scope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip websafescope:eqversion:17.1.0

Trust: 1.0

vendor:redhatmodel:openshift pipelinesscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:prime access registrarscope:ltversion:9.3.3

Trust: 1.0

vendor:linecorpmodel:armeriascope:ltversion:1.26.0

Trust: 1.0

vendor:linkerdmodel:linkerdscope:eqversion:2.13.1

Trust: 1.0

vendor:redhatmodel:ansible automation platformscope:eqversion:2.0

Trust: 1.0

vendor:redhatmodel:machine deletion remediation operatorscope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:visual studio 2022scope:ltversion:17.7.5

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:lteversion:16.1.4

Trust: 1.0

vendor:microsoftmodel:asp.net corescope:ltversion:7.0.12

Trust: 1.0

vendor:f5model:big-ip application security managerscope:gteversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip next service proxy for kubernetesscope:gteversion:1.5.0

Trust: 1.0

vendor:redhatmodel:node maintenance operatorscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:lteversion:13.1.5

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:37

Trust: 1.0

vendor:netappmodel:oncommand insightscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip websafescope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:nginx ingress controllerscope:lteversion:2.4.2

Trust: 1.0

vendor:microsoftmodel:visual studio 2022scope:gteversion:17.7

Trust: 1.0

vendor:golangmodel:goscope:ltversion:1.21.3

Trust: 1.0

vendor:f5model:big-ip websafescope:lteversion:13.1.5

Trust: 1.0

vendor:redhatmodel:fence agents remediation operatorscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:gteversion:13.1.0

Trust: 1.0

vendor:redhatmodel:openshift sandboxed containersscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:expresswayscope:ltversion:x14.3.3

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:gteversion:16.1.0

Trust: 1.0

vendor:redhatmodel:jboss fusescope:eqversion:7.0.0

Trust: 1.0

vendor:f5model:big-ip carrier-grade natscope:gteversion:16.1.0

Trust: 1.0

vendor:redhatmodel:jboss data gridscope:eqversion:7.0.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip nextscope:eqversion:20.0.1

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:lteversion:14.1.5

Trust: 1.0

vendor:microsoftmodel:asp.net corescope:gteversion:6.0.0

Trust: 1.0

vendor:redhatmodel:openstack platformscope:eqversion:16.2

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:lteversion:15.1.10

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:lteversion:16.1.4

Trust: 1.0

vendor:f5model:big-ip websafescope:gteversion:15.1.0

Trust: 1.0

vendor:apachemodel:tomcatscope:lteversion:9.0.80

Trust: 1.0

vendor:eclipsemodel:jettyscope:gteversion:12.0.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:lteversion:15.1.10

Trust: 1.0

vendor:denamodel:h2oscope:ltversion:2023-10-10

Trust: 1.0

vendor:microsoftmodel:cbl-marinerscope:ltversion:2023-10-11

Trust: 1.0

vendor:redhatmodel:quayscope:eqversion:3.0.0

Trust: 1.0

vendor:redhatmodel:web terminalscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:lteversion:16.1.4

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:17.1.0

Trust: 1.0

vendor:ciscomodel:telepresence video communication serverscope:ltversion:x14.3.3

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:gteversion:14.1.0

Trust: 1.0

vendor:istiomodel:istioscope:ltversion:1.17.6

Trust: 1.0

vendor:eclipsemodel:jettyscope:ltversion:9.4.53

Trust: 1.0

vendor:golangmodel:networkingscope:ltversion:0.17.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:lteversion:15.1.10

Trust: 1.0

vendor:apachemodel:tomcatscope:lteversion:10.1.13

Trust: 1.0

vendor:f5model:big-ip ssl orchestratorscope:lteversion:15.1.10

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:lteversion:13.1.5

Trust: 1.0

vendor:f5model:nginx plusscope:ltversion:r29

Trust: 1.0

vendor:nodejsmodel:node.jsscope:gteversion:18.0.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:17.1.0

Trust: 1.0

vendor:caddyservermodel:caddyscope:ltversion:2.7.5

Trust: 1.0

vendor:amazonmodel:opensearch data prepperscope:ltversion:2.5.0

Trust: 1.0

vendor:f5model:big-ip carrier-grade natscope:lteversion:15.1.10

Trust: 1.0

vendor:linkerdmodel:linkerdscope:lteversion:2.12.5

Trust: 1.0

vendor:f5model:big-ip application visibility and reportingscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip ssl orchestratorscope:eqversion:17.1.0

Trust: 1.0

vendor:apachemodel:traffic serverscope:ltversion:9.2.3

Trust: 1.0

vendor:microsoftmodel:.netscope:gteversion:6.0.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:lteversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip carrier-grade natscope:eqversion:17.1.0

Trust: 1.0

vendor:redhatmodel:build of quarkusscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:gteversion:15.1.0

Trust: 1.0

vendor:jenkinsmodel:jenkinsscope:lteversion:2.414.2

Trust: 1.0

vendor:grpcmodel:grpcscope:ltversion:1.56.3

Trust: 1.0

vendor:applemodel:swiftnio http\/2scope:ltversion:1.28.0

Trust: 1.0

vendor:envoyproxymodel:envoyscope:eqversion:1.27.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:lteversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip link controllerscope:gteversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip ssl orchestratorscope:gteversion:16.1.0

Trust: 1.0

vendor:apachemodel:traffic serverscope:gteversion:8.0.0

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:38

Trust: 1.0

vendor:f5model:big-ip analyticsscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:eqversion:17.1.0

Trust: 1.0

vendor:f5model:nginxscope:gteversion:1.9.5

Trust: 1.0

vendor:ciscomodel:unified contact center domain managerscope:eqversion: -

Trust: 1.0

vendor:golangmodel:goscope:gteversion:1.21.0

Trust: 1.0

vendor:ciscomodel:ultra cloud core - session management functionscope:ltversion:2024.02.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:lteversion:16.1.4

Trust: 1.0

vendor:redhatmodel:openshift developer tools and servicesscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:gteversion:16.1.0

Trust: 1.0

vendor:redhatmodel:jboss enterprise application platformscope:eqversion:7.0.0

Trust: 1.0

vendor:f5model:big-ip websafescope:lteversion:14.1.5

Trust: 1.0

vendor:microsoftmodel:visual studio 2022scope:ltversion:17.2.20

Trust: 1.0

vendor:f5model:big-ip application security managerscope:lteversion:16.1.4

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:17.1.0

Trust: 1.0

vendor:varnish cachemodel:varnish cachescope:ltversion:2023-10-10

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:lteversion:13.1.5

Trust: 1.0

vendor:redhatmodel:openshift gitopsscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:17.1.0

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:eqversion:17.1.0

Trust: 1.0

vendor:redhatmodel:migration toolkit for containersscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:7.4.2

Trust: 1.0

vendor:redhatmodel:certification for red hat enterprise linuxscope:eqversion:8.0

Trust: 1.0

vendor:redhatmodel:node healthcheck operatorscope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:.netscope:ltversion:6.0.23

Trust: 1.0

vendor:redhatmodel:satellitescope:eqversion:6.0

Trust: 1.0

vendor:redhatmodel:logging subsystem for red hat openshiftscope:eqversion: -

Trust: 1.0

vendor:apachemodel:tomcatscope:gteversion:8.5.0

Trust: 1.0

vendor:f5model:big-ip ssl orchestratorscope:lteversion:16.1.4

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:lteversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip carrier-grade natscope:lteversion:16.1.4

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:10.3\(1\)

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:gteversion:13.1.0

Trust: 1.0

vendor:ciscomodel:prime network registrarscope:ltversion:11.2

Trust: 1.0

vendor:redhatmodel:advanced cluster management for kubernetesscope:eqversion:2.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:gteversion:15.1.0

Trust: 1.0

vendor:redhatmodel:service telemetry frameworkscope:eqversion:1.5

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:lteversion:15.1.10

Trust: 1.0

vendor:ciscomodel:ios xescope:ltversion:17.15.1

Trust: 1.0

vendor:istiomodel:istioscope:ltversion:1.18.3

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:lteversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:lteversion:14.1.5

Trust: 1.0

vendor:netappmodel:astra control centerscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip ssl orchestratorscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip application visibility and reportingscope:lteversion:15.1.10

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:lteversion:15.1.10

Trust: 1.0

vendor:redhatmodel:enterprise linuxscope:eqversion:6.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:gteversion:13.1.0

Trust: 1.0

vendor:ciscomodel:data center network managerscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:openshiftscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:3scale api management platformscope:eqversion:2.0

Trust: 1.0

vendor:microsoftmodel:visual studio 2022scope:gteversion:17.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:lteversion:14.1.5

Trust: 1.0

vendor:f5model:big-ip application visibility and reportingscope:eqversion:17.1.0

Trust: 1.0

vendor:microsoftmodel:asp.net corescope:gteversion:7.0.0

Trust: 1.0

vendor:f5model:nginx ingress controllerscope:gteversion:2.0.0

Trust: 1.0

vendor:f5model:nginx ingress controllerscope:gteversion:3.0.0

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:12.0

Trust: 1.0

vendor:redhatmodel:integration camel for spring bootscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:unified contact center enterprise - live data serverscope:ltversion:12.6.2

Trust: 1.0

vendor:microsoftmodel:windows 11 22h2scope:ltversion:10.0.22621.2428

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:lteversion:15.1.10

Trust: 1.0

vendor:redhatmodel:cost managementscope:eqversion: -

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:10.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:lteversion:14.1.5

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:lteversion:15.1.10

Trust: 1.0

vendor:f5model:nginx plusscope:gteversion:r25

Trust: 1.0

vendor:f5model:big-ip application visibility and reportingscope:gteversion:16.1.0

Trust: 1.0

vendor:ciscomodel:crosswork zero touch provisioningscope:ltversion:6.0.0

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:lteversion:13.1.5

Trust: 1.0

vendor:redhatmodel:openshift distributed tracingscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:17.1.0

Trust: 1.0

vendor:jenkinsmodel:jenkinsscope:lteversion:2.427

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:lteversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:gteversion:14.1.0

Trust: 1.0

vendor:golangmodel:goscope:ltversion:1.20.10

Trust: 1.0

vendor:f5model:big-ip link controllerscope:lteversion:16.1.4

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:gteversion:14.1.0

Trust: 1.0

vendor:ciscomodel:ultra cloud core - policy control functionscope:eqversion:2024.01.0

Trust: 1.0

vendor:microsoftmodel:visual studio 2022scope:ltversion:17.6.8

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:lteversion:14.1.5

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:gteversion:15.1.0

Trust: 1.0

vendor:microsoftmodel:windows 10 21h2scope:ltversion:10.0.19044.3570

Trust: 1.0

vendor:microsoftmodel:asp.net corescope:ltversion:6.0.23

Trust: 1.0

vendor:f5model:nginxscope:lteversion:1.25.2

Trust: 1.0

vendor:f5model:nginx ingress controllerscope:lteversion:3.3.0

Trust: 1.0

vendor:ciscomodel:secure malware analyticsscope:ltversion:2.19.2

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:lteversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:lteversion:16.1.4

Trust: 1.0

vendor:microsoftmodel:.netscope:gteversion:7.0.0

Trust: 1.0

vendor:redhatmodel:jboss fusescope:eqversion:6.0.0

Trust: 1.0

vendor:redhatmodel:openshift api for data protectionscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip analyticsscope:lteversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip application visibility and reportingscope:lteversion:16.1.4

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:nginx plusscope:eqversion:r30

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:lteversion:16.1.4

Trust: 1.0

vendor:microsoftmodel:windows 10 22h2scope:ltversion:10.0.19045.3570

Trust: 1.0

vendor:ciscomodel:secure dynamic attributes connectorscope:ltversion:2.2.0

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:gteversion:15.1.0

Trust: 1.0

vendor:redhatmodel:migration toolkit for virtualizationscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:lteversion:15.1.10

Trust: 1.0

vendor:redhatmodel:openshift container platformscope:eqversion:4.0

Trust: 1.0

vendor:redhatmodel:service interconnectscope:eqversion:1.0

Trust: 1.0

vendor:grpcmodel:grpcscope:gteversion:1.58.0

Trust: 1.0

vendor:nghttp2model:nghttp2scope:ltversion:1.57.0

Trust: 1.0

vendor:redhatmodel:openshift serverlessscope:eqversion: -

Trust: 1.0

vendor:apachemodel:tomcatscope:gteversion:10.1.0

Trust: 1.0

vendor:traefikmodel:traefikscope:eqversion:3.0.0

Trust: 1.0

vendor:redhatmodel:run once duration override operatorscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip analyticsscope:lteversion:16.1.4

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:lteversion:14.1.5

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:gteversion:15.1.0

Trust: 1.0

vendor:redhatmodel:jboss a-mqscope:eqversion:7

Trust: 1.0

vendor:envoyproxymodel:envoyscope:eqversion:1.25.9

Trust: 1.0

vendor:envoyproxymodel:envoyscope:eqversion:1.26.4

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:gteversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip application visibility and reportingscope:gteversion:14.1.0

Trust: 1.0

vendor:redhatmodel:self node remediation operatorscope:eqversion: -

Trust: 1.0

vendor:apachemodel:tomcatscope:gteversion:9.0.0

Trust: 1.0

vendor:grpcmodel:grpcscope:ltversion:1.58.3

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:lteversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:17.1.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:gteversion:13.1.0

Trust: 1.0

vendor:redhatmodel:integration camel kscope:eqversion: -

Trust: 1.0

vendor:traefikmodel:traefikscope:ltversion:2.10.5

Trust: 1.0

vendor:redhatmodel:jboss core servicesscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:single sign-onscope:eqversion:7.0

Trust: 1.0

vendor:redhatmodel:enterprise linuxscope:eqversion:9.0

Trust: 1.0

vendor:ciscomodel:connected mobile experiencesscope:ltversion:11.1

Trust: 1.0

vendor:f5model:big-ip websafescope:gteversion:16.1.0

Trust: 1.0

vendor:redhatmodel:openstack platformscope:eqversion:17.1

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:17.1.0

Trust: 1.0

vendor:redhatmodel:migration toolkit for applicationsscope:eqversion:6.0

Trust: 1.0

vendor:ciscomodel:prime infrastructurescope:ltversion:3.10.4

Trust: 1.0

vendor:eclipsemodel:jettyscope:ltversion:12.0.2

Trust: 1.0

vendor:redhatmodel:openstack platformscope:eqversion:16.1

Trust: 1.0

vendor:f5model:big-ip analyticsscope:gteversion:14.1.0

Trust: 1.0

vendor:ciscomodel:enterprise chat and emailscope:eqversion: -

Trust: 1.0

vendor:nodejsmodel:node.jsscope:ltversion:18.18.2

Trust: 1.0

vendor:f5model:big-ip carrier-grade natscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip application visibility and reportingscope:lteversion:14.1.5

Trust: 1.0

vendor:f5model:big-ip application visibility and reportingscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:lteversion:14.1.5

Trust: 1.0

vendor:f5model:big-ip application security managerscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip ssl orchestratorscope:lteversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:lteversion:14.1.5

Trust: 1.0

vendor:ciscomodel:prime cable provisioningscope:ltversion:7.2.1

Trust: 1.0

vendor:f5model:big-ip carrier-grade natscope:lteversion:13.1.5

Trust: 1.0

vendor:nodejsmodel:node.jsscope:ltversion:20.8.1

Trust: 1.0

vendor:redhatmodel:jboss enterprise application platformscope:eqversion:6.0.0

Trust: 1.0

vendor:microsoftmodel:visual studio 2022scope:gteversion:17.4

Trust: 1.0

vendor:eclipsemodel:jettyscope:gteversion:10.0.0

Trust: 1.0

vendor:eclipsemodel:jettyscope:ltversion:10.0.17

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:lteversion:15.1.10

Trust: 1.0

vendor:ciscomodel:fog directorscope:ltversion:1.22

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:lteversion:14.1.5

Trust: 1.0

vendor:microsoftmodel:windows server 2016scope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip analyticsscope:lteversion:14.1.5

Trust: 1.0

vendor:f5model:big-ip analyticsscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:eqversion:17.1.0

Trust: 1.0

vendor:projectcontourmodel:contourscope:ltversion:2023-10-11

Trust: 1.0

vendor:f5model:big-ip carrier-grade natscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip websafescope:lteversion:15.1.10

Trust: 1.0

vendor:redhatmodel:process automationscope:eqversion:7.0

Trust: 1.0

vendor:linkerdmodel:linkerdscope:gteversion:2.12.0

Trust: 1.0

vendor:ciscomodel:secure web appliancescope:ltversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:gteversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip next service proxy for kubernetesscope:lteversion:1.8.2

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:gteversion:13.1.0

Trust: 1.0

vendor:redhatmodel:integration service registryscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:gteversion:14.1.0

Trust: 1.0

vendor:apachemodel:apisixscope:ltversion:3.6.1

Trust: 1.0

vendor:microsoftmodel:azure kubernetes servicescope:ltversion:2023-10-08

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:gteversion:13.1.0

Trust: 1.0

vendor:redhatmodel:jboss a-mq streamsscope:eqversion: -

Trust: 1.0

vendor:linkerdmodel:linkerdscope:eqversion:2.13.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:lteversion:15.1.10

Trust: 1.0

vendor:redhatmodel:cryostatscope:eqversion:2.0

Trust: 1.0

vendor:kazu yamamotomodel:http2scope:ltversion:4.2.2

Trust: 1.0

vendor:konghqmodel:kong gatewayscope:ltversion:3.4.2

Trust: 1.0

vendor:microsoftmodel:windows 10 1607scope:ltversion:10.0.14393.6351

Trust: 1.0

vendor:redhatmodel:build of optaplannerscope:eqversion:8.0

Trust: 1.0

vendor:linkerdmodel:linkerdscope:eqversion:2.14.1

Trust: 1.0

vendor:ciscomodel:iot field network directorscope:ltversion:4.11.0

Trust: 1.0

vendor:f5model:big-ip websafescope:gteversion:13.1.0

Trust: 1.0

vendor:eclipsemodel:jettyscope:ltversion:11.0.17

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:gteversion:13.1.0

Trust: 1.0

vendor:redhatmodel:openshift dev spacesscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip link controllerscope:gteversion:14.1.0

Trust: 1.0

vendor:nodejsmodel:node.jsscope:gteversion:20.0.0

Trust: 1.0

vendor:apachemodel:tomcatscope:lteversion:8.5.93

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:lteversion:14.1.5

Trust: 1.0

vendor:eclipsemodel:jettyscope:gteversion:11.0.0

Trust: 1.0

vendor:envoyproxymodel:envoyscope:eqversion:1.24.10

Trust: 1.0

vendor:f5model:big-ip link controllerscope:lteversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:17.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:lteversion:16.1.4

Trust: 1.0

vendor:redhatmodel:openshift data sciencescope:eqversion: -

Trust: 1.0

vendor:istiomodel:istioscope:gteversion:1.18.0

Trust: 1.0

vendor:facebookmodel:proxygenscope:ltversion:2023.10.16.00

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:lteversion:13.1.5

Trust: 1.0

vendor:grpcmodel:grpcscope:eqversion:1.57.0

Trust: 1.0

vendor:f5model:big-ip websafescope:lteversion:16.1.4

Trust: 1.0

vendor:redhatmodel:advanced cluster securityscope:eqversion:4.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip ssl orchestratorscope:lteversion:14.1.5

Trust: 1.0

vendor:f5model:big-ip ssl orchestratorscope:gteversion:15.1.0

Trust: 1.0

vendor:ietfmodel:httpscope:eqversion:2.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:gteversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip application visibility and reportingscope:lteversion:13.1.5

Trust: 1.0

vendor:apachemodel:tomcatscope:eqversion:11.0.0

Trust: 1.0

vendor:redhatmodel:network observability operatorscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip carrier-grade natscope:lteversion:14.1.5

Trust: 1.0

vendor:redhatmodel:openshift container platform assisted installerscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:gteversion:15.1.0

Trust: 1.0

vendor:microsoftmodel:windows 10 1809scope:ltversion:10.0.17763.4974

Trust: 1.0

vendor:redhatmodel:openshift service meshscope:eqversion:2.0

Trust: 1.0

vendor:istiomodel:istioscope:ltversion:1.19.1

Trust: 1.0

vendor:microsoftmodel:windows server 2022scope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip application security managerscope:gteversion:13.1.0

Trust: 1.0

vendor:redhatmodel:openshift secondary scheduler operatorscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:lteversion:15.1.10

Trust: 1.0

vendor:openrestymodel:openrestyscope:ltversion:1.21.4.3

Trust: 1.0

vendor:microsoftmodel:visual studio 2022scope:gteversion:17.6

Trust: 1.0

vendor:redhatmodel:advanced cluster securityscope:eqversion:3.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:gteversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:eqversion:17.1.0

Trust: 1.0

vendor:redhatmodel:ceph storagescope:eqversion:5.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:lteversion:16.1.4

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:lteversion:14.1.5

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:lteversion:15.1.10

Trust: 1.0

vendor:f5model:big-ip carrier-grade natscope:gteversion:13.1.0

Trust: 1.0

vendor:microsoftmodel:visual studio 2022scope:ltversion:17.4.12

Trust: 1.0

vendor:apachemodel:traffic serverscope:gteversion:9.0.0

Trust: 1.0

vendor:linkerdmodel:linkerdscope:eqversion:2.14.0

Trust: 1.0

vendor:akkamodel:http serverscope:ltversion:10.5.3

Trust: 1.0

vendor:microsoftmodel:.netscope:ltversion:7.0.12

Trust: 1.0

vendor:nettymodel:nettyscope:ltversion:4.1.100

Trust: 1.0

vendor:istiomodel:istioscope:gteversion:1.19.0

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:10.2\(7\)

Trust: 1.0

vendor:redhatmodel:decision managerscope:eqversion:7.0

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:gteversion:16.1.0

Trust: 1.0

vendor:ciscomodel:unified contact center management portalscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linuxscope:eqversion:8.0

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:gteversion:16.1.0

Trust: 1.0

vendor:ciscomodel:ultra cloud core - serving gateway functionscope:ltversion:2024.02.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:nginx plusscope:eqversion:r29

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:lteversion:16.1.4

Trust: 1.0

vendor:redhatmodel:support for spring bootscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip link controllerscope:lteversion:14.1.5

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:lteversion:15.1.10

Trust: 1.0

vendor:redhatmodel:certification for red hat enterprise linuxscope:eqversion:9.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:gteversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:17.1.0

Trust: 1.0

vendor:apachemodel:solrscope:ltversion:9.4.0

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:gteversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:gteversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:lteversion:14.1.5

Trust: 1.0

vendor:redhatmodel:openshift virtualizationscope:eqversion:4

Trust: 1.0

vendor:ciscomodel:ultra cloud core - policy control functionscope:ltversion:2024.01.0

Trust: 1.0

vendor:ciscomodel:crosswork data gatewayscope:eqversion:5.0

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:lteversion:16.1.4

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:11.0

Trust: 1.0

vendor:ciscomodel:ios xrscope:ltversion:7.11.2

Trust: 1.0

vendor:grpcmodel:grpcscope:lteversion:1.59.2

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:gteversion:16.1.0

Trust: 1.0

vendor:ciscomodel:unified contact center enterprisescope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows 11 21h2scope:ltversion:10.0.22000.2538

Trust: 1.0

vendor:redhatmodel:cert-manager operator for red hat openshiftscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:17.1.0

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:lteversion:15.1.10

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:lteversion:16.1.4

Trust: 1.0

sources: NVD: CVE-2023-44487

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2023-44487
value: HIGH

Trust: 1.0

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2023-44487
value: HIGH

Trust: 1.0

nvd@nist.gov: CVE-2023-44487
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 2.0

sources: NVD: CVE-2023-44487 // NVD: CVE-2023-44487

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-400

Trust: 1.0

sources: NVD: CVE-2023-44487

THREAT TYPE

remote

Trust: 0.1

sources: PACKETSTORM: 181430

TYPE

info disclosure

Trust: 0.1

sources: PACKETSTORM: 175650

EXTERNAL IDS

db:NVDid:CVE-2023-44487

Trust: 2.0

db:OPENWALLid:OSS-SECURITY/2023/10/20/8

Trust: 1.0

db:OPENWALLid:OSS-SECURITY/2023/10/13/4

Trust: 1.0

db:OPENWALLid:OSS-SECURITY/2023/10/18/8

Trust: 1.0

db:OPENWALLid:OSS-SECURITY/2023/10/10/7

Trust: 1.0

db:OPENWALLid:OSS-SECURITY/2023/10/19/6

Trust: 1.0

db:OPENWALLid:OSS-SECURITY/2023/10/10/6

Trust: 1.0

db:OPENWALLid:OSS-SECURITY/2023/10/18/4

Trust: 1.0

db:OPENWALLid:OSS-SECURITY/2023/10/13/9

Trust: 1.0

db:PACKETSTORMid:175500

Trust: 0.1

db:PACKETSTORMid:175650

Trust: 0.1

db:PACKETSTORMid:175756

Trust: 0.1

db:PACKETSTORMid:177716

Trust: 0.1

db:PACKETSTORMid:175348

Trust: 0.1

db:PACKETSTORMid:175290

Trust: 0.1

db:PACKETSTORMid:175281

Trust: 0.1

db:PACKETSTORMid:175389

Trust: 0.1

db:PACKETSTORMid:175159

Trust: 0.1

db:PACKETSTORMid:181430

Trust: 0.1

sources: PACKETSTORM: 175500 // PACKETSTORM: 175650 // PACKETSTORM: 175756 // PACKETSTORM: 177716 // PACKETSTORM: 175348 // PACKETSTORM: 175290 // PACKETSTORM: 175281 // PACKETSTORM: 175389 // PACKETSTORM: 175159 // PACKETSTORM: 181430 // NVD: CVE-2023-44487

REFERENCES

url:http://www.openwall.com/lists/oss-security/2023/10/10/6

Trust: 2.0

url:https://bugzilla.redhat.com/show_bug.cgi?id=2242803

Trust: 1.2

url:https://access.redhat.com/security/cve/cve-2023-44487

Trust: 1.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-44487

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/wlprq5twuqqxywbjm7ecydail2yvkiuh/

Trust: 1.0

url:https://groups.google.com/g/golang-announce/c/innxdtcjzvo

Trust: 1.0

url:https://github.com/eclipse/jetty.project/issues/10679

Trust: 1.0

url:http://www.openwall.com/lists/oss-security/2023/10/19/6

Trust: 1.0

url:http://www.openwall.com/lists/oss-security/2023/10/10/7

Trust: 1.0

url:https://github.com/haproxy/haproxy/issues/2312

Trust: 1.0

url:https://www.debian.org/security/2023/dsa-5570

Trust: 1.0

url:https://github.com/akka/akka-http/issues/4323

Trust: 1.0

url:https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487

Trust: 1.0

url:https://www.debian.org/security/2023/dsa-5549

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ksegd2iwknuo3dwy4kqguqm5bisrwhqe/

Trust: 1.0

url:https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125

Trust: 1.0

url:https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected

Trust: 1.0

url:https://ubuntu.com/security/cve-2023-44487

Trust: 1.0

url:https://security.netapp.com/advisory/ntap-20240621-0007/

Trust: 1.0

url:https://news.ycombinator.com/item?id=37831062

Trust: 1.0

url:https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q

Trust: 1.0

url:https://github.com/h2o/h2o/security/advisories/ghsa-2m7v-gc89-fjqf

Trust: 1.0

url:https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/wlprq5twuqqxywbjm7ecydail2yvkiuh/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/we2i52rhnnu42px6nz2rbuhsffj2lvzx/

Trust: 1.0

url:https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/clb4tw7kalb3eeqwnwcn7ouiwwvwwcg2/

Trust: 1.0

url:https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088

Trust: 1.0

url:https://github.com/kong/kong/discussions/11741

Trust: 1.0

url:https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/vhuhtsxlxgxs7jykbxta3vinuphtngvu/

Trust: 1.0

url:https://security.netapp.com/advisory/ntap-20240621-0006/

Trust: 1.0

url:https://bugzilla.proxmox.com/show_bug.cgi?id=4988

Trust: 1.0

url:https://news.ycombinator.com/item?id=37830987

Trust: 1.0

url:https://news.ycombinator.com/item?id=37837043

Trust: 1.0

url:https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/

Trust: 1.0

url:https://github.com/advisories/ghsa-xpw8-rcwv-8f8p

Trust: 1.0

url:https://github.com/azure/aks/issues/3947

Trust: 1.0

url:https://github.com/grpc/grpc/releases/tag/v1.59.2

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/clb4tw7kalb3eeqwnwcn7ouiwwvwwcg2/

Trust: 1.0

url:https://istio.io/latest/news/security/istio-security-2023-004/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zb43remkrqr62njei7i5nq4fsxnlbkrt/

Trust: 1.0

url:https://aws.amazon.com/security/security-bulletins/aws-2023-011/

Trust: 1.0

url:https://github.com/advisories/ghsa-vx74-f528-fxqg

Trust: 1.0

url:https://github.com/microsoft/cbl-mariner/pull/6381

Trust: 1.0

url:https://github.com/tempesta-tech/tempesta/issues/1986

Trust: 1.0

url:https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/

Trust: 1.0

url:https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/e72t67updrxhidlo3oror25yamn4ggw5/

Trust: 1.0

url:https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zkqsikiat5tj3wslu3rdbq35yx4gy4v3/

Trust: 1.0

url:https://msrc.microsoft.com/update-guide/vulnerability/cve-2023-44487

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2mbeppc36ubvozznaxfhklfgslcmn5li/

Trust: 1.0

url:https://www.debian.org/security/2023/dsa-5521

Trust: 1.0

url:https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/

Trust: 1.0

url:https://news.ycombinator.com/item?id=37830998

Trust: 1.0

url:https://github.com/golang/go/issues/63417

Trust: 1.0

url:https://github.com/bcdannyboy/cve-2023-44487

Trust: 1.0

url:https://github.com/facebook/proxygen/pull/466

Trust: 1.0

url:https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632

Trust: 1.0

url:https://netty.io/news/2023/10/10/4-1-100-final.html

Trust: 1.0

url:https://github.com/kubernetes/kubernetes/pull/121120

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/jmexy22bfg5q64hqcm5ck2q7kdkvv4ty/

Trust: 1.0

url:https://github.com/line/armeria/pull/5232

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/e72t67updrxhidlo3oror25yamn4ggw5/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/xfoibb4yfichdm7ibop7pwxw3fx4hll2/

Trust: 1.0

url:https://security.netapp.com/advisory/ntap-20231016-0001/

Trust: 1.0

url:https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/

Trust: 1.0

url:https://github.com/apache/apisix/issues/10320

Trust: 1.0

url:https://blog.vespa.ai/cve-2023-44487/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/lnmzjcdhgljjlxo4oxwjmtvqrnwoc7ul/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/zkqsikiat5tj3wslu3rdbq35yx4gy4v3/

Trust: 1.0

url:https://github.com/nodejs/node/pull/50121

Trust: 1.0

url:https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html

Trust: 1.0

url:https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html

Trust: 1.0

url:https://security.paloaltonetworks.com/cve-2023-44487

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/fna62q767cfafhbcdkynpbmzwb7twyvu/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/vsrdiv77hnkusm7sjc5bke5jshlhu2nk/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/x6qxn4orivf6xbw4wwfe7vnpvc74s45y/

Trust: 1.0

url:https://github.com/micrictor/http2-rst-stream

Trust: 1.0

url:https://github.com/nghttp2/nghttp2/pull/1961

Trust: 1.0

url:http://www.openwall.com/lists/oss-security/2023/10/20/8

Trust: 1.0

url:https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#l1101-l1113

Trust: 1.0

url:https://github.com/projectcontour/contour/pull/5826

Trust: 1.0

url:https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/

Trust: 1.0

url:https://github.com/apache/httpd-site/pull/10

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/jmexy22bfg5q64hqcm5ck2q7kdkvv4ty/

Trust: 1.0

url:https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#l73

Trust: 1.0

url:https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/

Trust: 1.0

url:https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/

Trust: 1.0

url:https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause

Trust: 1.0

url:https://github.com/grpc/grpc-go/pull/6703

Trust: 1.0

url:https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event

Trust: 1.0

url:https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html

Trust: 1.0

url:https://github.com/envoyproxy/envoy/pull/30055

Trust: 1.0

url:https://github.com/arkrwn/poc/tree/main/cve-2023-44487

Trust: 1.0

url:https://github.com/varnishcache/varnish-cache/issues/3996

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/zb43remkrqr62njei7i5nq4fsxnlbkrt/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/lkyhszqfdnr7rsa7lhvlliaqmvycugbg/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ksegd2iwknuo3dwy4kqguqm5bisrwhqe/

Trust: 1.0

url:https://github.com/etcd-io/etcd/issues/16740

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/vhuhtsxlxgxs7jykbxta3vinuphtngvu/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/jizsefc3ykcgaba2bzw6zjrmdzjmb7pj/

Trust: 1.0

url:https://github.com/oqtane/oqtane.framework/discussions/3367

Trust: 1.0

url:https://github.com/apache/trafficserver/pull/10564

Trust: 1.0

url:https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/vsrdiv77hnkusm7sjc5bke5jshlhu2nk/

Trust: 1.0

url:https://github.com/alibaba/tengine/issues/1872

Trust: 1.0

url:http://www.openwall.com/lists/oss-security/2023/10/13/4

Trust: 1.0

url:https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/jizsefc3ykcgaba2bzw6zjrmdzjmb7pj/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/xfoibb4yfichdm7ibop7pwxw3fx4hll2/

Trust: 1.0

url:https://github.com/kazu-yamamoto/http2/issues/93

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/fna62q767cfafhbcdkynpbmzwb7twyvu/

Trust: 1.0

url:https://github.com/junkurihara/rust-rpxy/issues/97

Trust: 1.0

url:https://github.com/ninenines/cowboy/issues/1615

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/we2i52rhnnu42px6nz2rbuhsffj2lvzx/

Trust: 1.0

url:https://github.com/opensearch-project/data-prepper/issues/3474

Trust: 1.0

url:https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/lnmzjcdhgljjlxo4oxwjmtvqrnwoc7ul/

Trust: 1.0

url:https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zlu6u2r2ic2k64ndpnmv55auao65maf4/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ht7t2r4mqklif4odv4bdlparwfpcj5cz/

Trust: 1.0

url:https://github.com/caddyserver/caddy/releases/tag/v2.7.5

Trust: 1.0

url:https://github.com/advisories/ghsa-qppj-fm5r-hxr3

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/x6qxn4orivf6xbw4wwfe7vnpvc74s45y/

Trust: 1.0

url:http://www.openwall.com/lists/oss-security/2023/10/13/9

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/lkyhszqfdnr7rsa7lhvlliaqmvycugbg/

Trust: 1.0

url:https://www.phoronix.com/news/http2-rapid-reset-attack

Trust: 1.0

url:http://www.openwall.com/lists/oss-security/2023/10/18/4

Trust: 1.0

url:https://github.com/dotnet/announcements/issues/277

Trust: 1.0

url:https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3n4nj7fr4x4fpzugntqapstvb2hb2y4a/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/bfqd3kuemfbhpapbglwqc34l4owl5haz/

Trust: 1.0

url:https://github.com/h2o/h2o/pull/3291

Trust: 1.0

url:https://tomcat.apache.org/security-10.html#fixed_in_apache_tomcat_10.1.14

Trust: 1.0

url:https://www.debian.org/security/2023/dsa-5558

Trust: 1.0

url:https://my.f5.com/manage/s/article/k000137106

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/bfqd3kuemfbhpapbglwqc34l4owl5haz/

Trust: 1.0

url:https://security.gentoo.org/glsa/202311-09

Trust: 1.0

url:https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/zlu6u2r2ic2k64ndpnmv55auao65maf4/

Trust: 1.0

url:https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1

Trust: 1.0

url:https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/readme.md?plain=1#l239-l244

Trust: 1.0

url:https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html

Trust: 1.0

url:https://lists.w3.org/archives/public/ietf-http-wg/2023octdec/0025.html

Trust: 1.0

url:https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715

Trust: 1.0

url:https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve

Trust: 1.0

url:https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2mbeppc36ubvozznaxfhklfgslcmn5li/

Trust: 1.0

url:https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487

Trust: 1.0

url:https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html

Trust: 1.0

url:https://www.debian.org/security/2023/dsa-5540

Trust: 1.0

url:https://www.debian.org/security/2023/dsa-5522

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3n4nj7fr4x4fpzugntqapstvb2hb2y4a/

Trust: 1.0

url:https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html

Trust: 1.0

url:https://mailman.nginx.org/pipermail/nginx-devel/2023-october/s36q5hbxr7caimpllprsssyr4pcmwilk.html

Trust: 1.0

url:https://security.netapp.com/advisory/ntap-20240426-0007/

Trust: 1.0

url:http://www.openwall.com/lists/oss-security/2023/10/18/8

Trust: 1.0

url:https://bugzilla.suse.com/show_bug.cgi?id=1216123

Trust: 1.0

url:https://github.com/caddyserver/caddy/issues/5877

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ht7t2r4mqklif4odv4bdlparwfpcj5cz/

Trust: 1.0

url:https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764

Trust: 1.0

url:https://github.com/openresty/openresty/issues/930

Trust: 1.0

url:https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0

Trust: 1.0

url:https://access.redhat.com/security/vulnerabilities/rhsb-2023-003

Trust: 0.8

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.8

url:https://access.redhat.com/articles/11258

Trust: 0.6

url:https://access.redhat.com/jbossnetwork/restricted/softwaredetail.html?softwareid=70381&product=data.grid&version=7.3&downloadtype=patches

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2023:6286

Trust: 0.1

url:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_6286.json

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_data_grid/7.3/html-single/red_hat_data_grid_7.3_release_notes/index

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-33934

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-47185

Trust: 0.1

url:https://security-tracker.debian.org/tracker/trafficserver

Trust: 0.1

url:https://www.debian.org/security/

Trust: 0.1

url:https://www.debian.org/security/faq

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-41752

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-39456

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2023:7218

Trust: 0.1

url:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7218.json

Trust: 0.1

url:https://bugzilla.redhat.com/show_bug.cgi?id=2264574

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2024:1444

Trust: 0.1

url:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1444.json

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2023:6137

Trust: 0.1

url:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_6137.json

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2023:6023

Trust: 0.1

url:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_6023.json

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-12-release-notes.html

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.13/updating/updating-cluster-cli.html

Trust: 0.1

url:https://access.redhat.com/errata/rhba-2023:5905

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2023:5902

Trust: 0.1

url:https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags

Trust: 0.1

url:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5902.json

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-13-release-notes.html

Trust: 0.1

url:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_6022.json

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2023:6022

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2023:5707

Trust: 0.1

url:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5707.json

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-6994-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/netty/1:4.1.48-4+deb11u2build0.22.04.1

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-34462

Trust: 0.1

sources: PACKETSTORM: 175500 // PACKETSTORM: 175650 // PACKETSTORM: 175756 // PACKETSTORM: 177716 // PACKETSTORM: 175348 // PACKETSTORM: 175290 // PACKETSTORM: 175281 // PACKETSTORM: 175389 // PACKETSTORM: 175159 // PACKETSTORM: 181430 // NVD: CVE-2023-44487

CREDITS

Red Hat

Trust: 0.8

sources: PACKETSTORM: 175500 // PACKETSTORM: 175756 // PACKETSTORM: 177716 // PACKETSTORM: 175348 // PACKETSTORM: 175290 // PACKETSTORM: 175281 // PACKETSTORM: 175389 // PACKETSTORM: 175159

SOURCES

db:PACKETSTORMid:175500
db:PACKETSTORMid:175650
db:PACKETSTORMid:175756
db:PACKETSTORMid:177716
db:PACKETSTORMid:175348
db:PACKETSTORMid:175290
db:PACKETSTORMid:175281
db:PACKETSTORMid:175389
db:PACKETSTORMid:175159
db:PACKETSTORMid:181430
db:NVDid:CVE-2023-44487

LAST UPDATE DATE

2025-05-17T21:21:02.986000+00:00


SOURCES UPDATE DATE

db:NVDid:CVE-2023-44487date:2025-04-12T01:00:01.957

SOURCES RELEASE DATE

db:PACKETSTORMid:175500date:2023-11-13T20:49:23
db:PACKETSTORMid:175650date:2023-11-13T22:11:28
db:PACKETSTORMid:175756date:2023-11-16T14:37:49
db:PACKETSTORMid:177716date:2024-03-21T14:25:59
db:PACKETSTORMid:175348date:2023-10-26T14:34:38
db:PACKETSTORMid:175290date:2023-10-24T15:51:45
db:PACKETSTORMid:175281date:2023-10-24T15:50:04
db:PACKETSTORMid:175389date:2023-10-30T12:35:16
db:PACKETSTORMid:175159date:2023-10-18T16:22:55
db:PACKETSTORMid:181430date:2024-09-10T16:02:06
db:NVDid:CVE-2023-44487date:2023-10-10T14:15:10.883