1. Home
  2. Security Advisories
  3. Fedora
  4. FEDORA-2023-c0c6a91330

[FEDORA-2023-c0c6a91330] Fedora 37: mod_http2

Severity High
Affected Packages 1
CVEs 2
Info Packages References Vulnerabilities
  • New version 2.0.25 - Security update
Package Affected Version
pkg:rpm/fedora/mod_http2?distro=fedora-37 < 2.0.25.1.fc37
ID
FEDORA-2023-c0c6a91330
Severity
high
Severity from
CVE-2023-44487
URL
https://bodhi.fedoraproject.org/updates/FEDORA-2023-c0c6a91330
Published
2023-11-07T02:32:37
(10 months ago)
Modified
2023-11-07T02:32:37
(10 months ago)
Rights
Copyright 2023 Red Hat, Inc.
Other Advisories
Source # ID Name URL
Bugzilla 2245070 Bug #2245070 - CVE-2023-45802 mod_http2: reset requests exhaust memory (incomplete fix of CVE-2023-44487) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2245070
Bugzilla 2243248 Bug #2243248 - [Major Incident] CVE-2023-44487 mod_http2: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2243248
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/fedora/mod_http2?distro=fedora-37 fedora mod_http2 < 2.0.25.1.fc37 fedora-37
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date