- Vulnerability/
- CVE-2023-44487
9/10/2023
10/10/2023
10/10/2023
10/10/2023
18/12/2024
21/2/2025
CVE-2023-44487: - Rapid Reset HTTP/2 vulnerability
First published: Mon Oct 09 2023(Updated: )
## HTTP/2 Rapid reset attack The HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RST_STREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The client may also assume that the cancellation will take effect immediately when the server receives the RST_STREAM frame, before any other data from that TCP connection is processed. Abuse of this feature is called a Rapid Reset attack because it relies on the ability for an endpoint to send a RST_STREAM frame immediately after sending a request frame, which makes the other endpoint start working and then rapidly resets the request. The request is canceled, but leaves the HTTP/2 connection open. The HTTP/2 Rapid Reset attack built on this capability is simple: The client opens a large number of streams at once as in the standard HTTP/2 attack, but rather than waiting for a response to each request stream from the server or proxy, the client cancels each request immediately. The ability to reset streams immediately allows each connection to have an indefinite number of requests in flight. By explicitly canceling the requests, the attacker never exceeds the limit on the number of concurrent open streams. The number of in-flight requests is no longer dependent on the round-trip time (RTT), but only on the available network bandwidth. In a typical HTTP/2 server implementation, the server will still have to do significant amounts of work for canceled requests, such as allocating new stream data structures, parsing the query and doing header decompression, and mapping the URL to a resource. For reverse proxy implementations, the request may be proxied to the backend server before the RST_STREAM frame is processed. The client on the other hand paid almost no costs for sending the requests. This creates an exploitable cost asymmetry between the server and the client. Multiple software artifacts implementing HTTP/2 are affected. This advisory was originally ingested from the `swift-nio-http2` repo advisory and their original conent follows. ## swift-nio-http2 specific advisory swift-nio-http2 is vulnerable to a denial-of-service vulnerability in which a malicious client can create and then reset a large number of HTTP/2 streams in a short period of time. This causes swift-nio-http2 to commit to a large amount of expensive work which it then throws away, including creating entirely new `Channel`s to serve the traffic. This can easily overwhelm an `EventLoop` and prevent it from making forward progress. swift-nio-http2 1.28 contains a remediation for this issue that applies reset counter using a sliding window. This constrains the number of stream resets that may occur in a given window of time. Clients violating this limit will have their connections torn down. This allows clients to continue to cancel streams for legitimate reasons, while constraining malicious actors.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows 11 | =21H2 | |
| Microsoft Windows 11 | =21H2 | |
| Microsoft Windows Server 2022 | ||
| Microsoft Windows Server 2022 | ||
| Microsoft Windows 11 | =22H2 | |
| Microsoft Windows 11 | =22H2 | |
| Microsoft Windows Server 2019 | ||
| Microsoft Windows Server 2019 | ||
| Microsoft Windows 10 | =21H2 | |
| Microsoft Windows 10 | =21H2 | |
| Microsoft Windows 10 | =21H2 | |
| Microsoft Windows 10 | =22H2 | |
| Microsoft Windows 10 | =1809 | |
| Microsoft Windows 10 | =1607 | |
| Microsoft Windows 10 | =1607 | |
| Microsoft Windows 10 | =1809 | |
| Microsoft Windows 10 | =22H2 | |
| Microsoft Windows 10 | =22H2 | |
| Microsoft Windows 10 | =1809 | |
| debian/netty | <=1:4.1.48-7<=1:4.1.48-4 | 1:4.1.48-8 1:4.1.48-4+deb11u2 1:4.1.48-7+deb12u1 |
| Microsoft ASP.NET Core | =7.0 | |
| Microsoft ASP.NET Core | =6.0 | |
| Microsoft Windows Server 2016 | ||
| Microsoft Windows Server 2016 | ||
| Microsoft .NET 6.0 | ||
| Microsoft .NET 7.0 | ||
| maven/org.apache.tomcat:tomcat-coyote | >=8.5.0<8.5.94 | 8.5.94 |
| maven/org.apache.tomcat:tomcat-coyote | >=9.0.0<9.0.81 | 9.0.81 |
| maven/org.apache.tomcat:tomcat-coyote | >=10.0.0<10.1.14 | 10.1.14 |
| maven/org.apache.tomcat:tomcat-coyote | >=11.0.0-M1<11.0.0-M12 | 11.0.0-M12 |
| maven/com.typesafe.akka:akka-http-core_2.11 | <=10.1.15 | |
| maven/com.typesafe.akka:akka-http-core_2.12 | <10.5.3 | 10.5.3 |
| maven/com.typesafe.akka:akka-http-core_2.13 | <10.5.3 | 10.5.3 |
| maven/com.typesafe.akka:akka-http-core | <10.5.3 | 10.5.3 |
| maven/org.eclipse.jetty.http2:jetty-http2-server | >=12.0.0<12.0.2 | 12.0.2 |
| maven/org.eclipse.jetty.http2:jetty-http2-common | >=12.0.0<12.0.2 | 12.0.2 |
| maven/org.eclipse.jetty.http2:http2-server | >=11.0.0<11.0.17 | 11.0.17 |
| maven/org.eclipse.jetty.http2:http2-server | >=10.0.0<10.0.17 | 10.0.17 |
| maven/org.eclipse.jetty.http2:http2-server | >=9.3.0<9.4.53 | 9.4.53 |
| maven/org.eclipse.jetty.http2:http2-common | >=11.0.0<11.0.17 | 11.0.17 |
| maven/org.eclipse.jetty.http2:http2-common | >=10.0.0<10.0.17 | 10.0.17 |
| maven/org.eclipse.jetty.http2:http2-common | >=9.3.0<9.4.53 | 9.4.53 |
| swift/github.com/apple/swift-nio-http2 | <1.28.0 | 1.28.0 |
| maven/org.apache.tomcat.embed:tomcat-embed-core | >=8.5.0<8.5.94 | 8.5.94 |
| maven/org.apache.tomcat.embed:tomcat-embed-core | >=9.0.0<9.0.81 | 9.0.81 |
| maven/org.apache.tomcat.embed:tomcat-embed-core | >=10.0.0<10.1.14 | 10.1.14 |
| maven/org.apache.tomcat.embed:tomcat-embed-core | >=11.0.0-M1<11.0.0-M12 | 11.0.0-M12 |
| go/google.golang.org/grpc | <1.56.3 | 1.56.3 |
| go/google.golang.org/grpc | >=1.57.0<1.57.1 | 1.57.1 |
| go/google.golang.org/grpc | >=1.58.0<1.58.3 | 1.58.3 |
| go/golang.org/x/net | <0.17.0 | 0.17.0 |
| IETF HTTP | ||
| IETF HTTP | =2.0 | |
| libnghttp2-14 | <1.57.0 | |
| Netty Netty | <4.1.100 | |
| Envoy Proxy | =1.24.10 | |
| Envoy Proxy | =1.25.9 | |
| Envoy Proxy | =1.26.4 | |
| Envoy Proxy | =1.27.0 | |
| Eclipse Jetty | <9.4.53 | |
| Eclipse Jetty | >=10.0.0<10.0.17 | |
| Eclipse Jetty | >=11.0.0<11.0.17 | |
| Eclipse Jetty | >=12.0.0<12.0.2 | |
| Caddy | <2.7.5 | |
| Ruby | <1.20.10 | |
| Ruby | >=1.21.0<1.21.3 | |
| golang http2 Go | <0.17.0 | |
| golang networking go | <0.17.0 | |
| F5 BIG-IP Access Policy Manager | >=13.1.0<=13.1.5 | |
| F5 BIG-IP Access Policy Manager | >=14.1.0<=14.1.5 | |
| F5 BIG-IP Access Policy Manager | >=15.1.0<=15.1.10 | |
| F5 BIG-IP Access Policy Manager | >=16.1.0<=16.1.4 | |
| F5 BIG-IP Access Policy Manager | =17.1.0 | |
| F5 BIG-IP Advanced Firewall Manager | >=13.1.0<=13.1.5 | |
| F5 BIG-IP Advanced Firewall Manager | >=14.1.0<=14.1.5 | |
| F5 BIG-IP Advanced Firewall Manager | >=15.1.0<=15.1.10 | |
| F5 BIG-IP Advanced Firewall Manager | >=16.1.0<=16.1.4 | |
| F5 BIG-IP Advanced Firewall Manager | =17.1.0 | |
| F5 BIG-IP Advanced WAF/ASM | >=13.1.0<=13.1.5 | |
| F5 BIG-IP Advanced WAF/ASM | >=14.1.0<=14.1.5 | |
| F5 BIG-IP Advanced WAF/ASM | >=15.1.0<=15.1.10 | |
| F5 BIG-IP Advanced WAF/ASM | >=16.1.0<=16.1.4 | |
| F5 BIG-IP Advanced WAF/ASM | =17.1.0 | |
| F5 BIG-IP Analytics | >=13.1.0<=13.1.5 | |
| F5 BIG-IP Analytics | >=14.1.0<=14.1.5 | |
| F5 BIG-IP Analytics | >=15.1.0<=15.1.10 | |
| F5 BIG-IP Analytics | >=16.1.0<=16.1.4 | |
| F5 BIG-IP Analytics | =17.1.0 | |
| f5 big-ip application acceleration manager | >=13.1.0<=13.1.5 | |
| f5 big-ip application acceleration manager | >=14.1.0<=14.1.5 | |
| f5 big-ip application acceleration manager | >=15.1.0<=15.1.10 | |
| f5 big-ip application acceleration manager | >=16.1.0<=16.1.4 | |
| f5 big-ip application acceleration manager | =17.1.0 | |
| F5 BIG-IP Application Security Manager | >=13.1.0<=13.1.5 | |
| F5 BIG-IP Application Security Manager | >=14.1.0<=14.1.5 | |
| F5 BIG-IP Application Security Manager | >=15.1.0<=15.1.10 | |
| F5 BIG-IP Application Security Manager | >=16.1.0<=16.1.4 | |
| F5 BIG-IP Application Security Manager | =17.1.0 | |
| F5 BIG-IP Application Visibility and Reporting | >=13.1.0<=13.1.5 | |
| F5 BIG-IP Application Visibility and Reporting | >=14.1.0<=14.1.5 | |
| F5 BIG-IP Application Visibility and Reporting | >=15.1.0<=15.1.10 | |
| F5 BIG-IP Application Visibility and Reporting | >=16.1.0<=16.1.4 | |
| F5 BIG-IP Application Visibility and Reporting | =17.1.0 | |
| F5 BIG-IP Carrier-Grade NAT | >=13.1.0<=13.1.5 | |
| F5 BIG-IP Carrier-Grade NAT | >=14.1.0<=14.1.5 | |
| F5 BIG-IP Carrier-Grade NAT | >=15.1.0<=15.1.10 | |
| F5 BIG-IP Carrier-Grade NAT | >=16.1.0<=16.1.4 | |
| F5 BIG-IP Carrier-Grade NAT | =17.1.0 | |
| F5 BIG-IP DDoS Hybrid Defender | >=13.1.0<=13.1.5 | |
| F5 BIG-IP DDoS Hybrid Defender | >=14.1.0<=14.1.5 | |
| F5 BIG-IP DDoS Hybrid Defender | >=15.1.0<=15.1.10 | |
| F5 BIG-IP DDoS Hybrid Defender | >=16.1.0<=16.1.4 | |
| F5 BIG-IP DDoS Hybrid Defender | =17.1.0 | |
| f5 big-ip domain name system | >=13.1.0<=13.1.5 | |
| f5 big-ip domain name system | >=14.1.0<=14.1.5 | |
| f5 big-ip domain name system | >=15.1.0<=15.1.10 | |
| f5 big-ip domain name system | >=16.1.0<=16.1.4 | |
| f5 big-ip domain name system | =17.1.0 | |
| f5 big-ip fraud protection service | >=13.1.0<=13.1.5 | |
| f5 big-ip fraud protection service | >=14.1.0<=14.1.5 | |
| f5 big-ip fraud protection service | >=15.1.0<=15.1.10 | |
| f5 big-ip fraud protection service | >=16.1.0<=16.1.4 | |
| f5 big-ip fraud protection service | =17.1.0 | |
| F5 BIG-IP Global Traffic Manager | >=13.1.0<=13.1.5 | |
| F5 BIG-IP Global Traffic Manager | >=14.1.0<=14.1.5 | |
| F5 BIG-IP Global Traffic Manager | >=15.1.0<=15.1.10 | |
| F5 BIG-IP Global Traffic Manager | >=16.1.0<=16.1.4 | |
| F5 BIG-IP Global Traffic Manager | =17.1.0 | |
| f5 big-ip link controller | >=13.1.0<=13.1.5 | |
| f5 big-ip link controller | >=14.1.0<=14.1.5 | |
| f5 big-ip link controller | >=15.1.0<=15.1.10 | |
| f5 big-ip link controller | >=16.1.0<=16.1.4 | |
| f5 big-ip link controller | =17.1.0 | |
| F5 BIG-IP Local Traffic Manager | >=13.1.0<=13.1.5 | |
| F5 BIG-IP Local Traffic Manager | >=14.1.0<=14.1.5 | |
| F5 BIG-IP Local Traffic Manager | >=15.1.0<=15.1.10 | |
| F5 BIG-IP Local Traffic Manager | >=16.1.0<=16.1.4 | |
| F5 BIG-IP Local Traffic Manager | =17.1.0 | |
| F5 BIG-IP Next | =20.0.1 | |
| F5 BIG-IP Next Service Proxy for Kubernetes | >=1.5.0<=1.8.2 | |
| F5 BIG-IP Policy Enforcement Manager | >=13.1.0<=13.1.5 | |
| F5 BIG-IP Policy Enforcement Manager | >=14.1.0<=14.1.5 | |
| F5 BIG-IP Policy Enforcement Manager | >=15.1.0<=15.1.10 | |
| F5 BIG-IP Policy Enforcement Manager | >=16.1.0<=16.1.4 | |
| F5 BIG-IP Policy Enforcement Manager | =17.1.0 | |
| F5 BIG-IP SSL Orchestrator | >=13.1.0<=13.1.5 | |
| F5 BIG-IP SSL Orchestrator | >=14.1.0<=14.1.5 | |
| F5 BIG-IP SSL Orchestrator | >=15.1.0<=15.1.10 | |
| F5 BIG-IP SSL Orchestrator | >=16.1.0<=16.1.4 | |
| F5 BIG-IP SSL Orchestrator | =17.1.0 | |
| F5 BIG-IP WebAccelerator | >=13.1.0<=13.1.5 | |
| F5 BIG-IP WebAccelerator | >=14.1.0<=14.1.5 | |
| F5 BIG-IP WebAccelerator | >=15.1.0<=15.1.10 | |
| F5 BIG-IP WebAccelerator | >=16.1.0<=16.1.4 | |
| F5 BIG-IP WebAccelerator | =17.1.0 | |
| F5 WebSafe | >=13.1.0<=13.1.5 | |
| F5 WebSafe | >=14.1.0<=14.1.5 | |
| F5 WebSafe | >=15.1.0<=15.1.10 | |
| F5 WebSafe | >=16.1.0<=16.1.4 | |
| F5 WebSafe | =17.1.0 | |
| f5 nginx | >=1.9.5<=1.25.2 | |
| F5 NGINX Ingress Controller | >=2.0.0<=2.4.2 | |
| F5 NGINX Ingress Controller | >=3.0.0<=3.3.0 | |
| NGINX Plus | >=r25<r29 | |
| NGINX Plus | =r29 | |
| NGINX Plus | =r30 | |
| Apache Tomcat | >=8.5.0<=8.5.93 | |
| Apache Tomcat | >=9.0.0<=9.0.80 | |
| Apache Tomcat | >=10.1.0<=10.1.13 | |
| Apache Tomcat | =11.0.0-milestone1 | |
| Apache Tomcat | =11.0.0-milestone10 | |
| Apache Tomcat | =11.0.0-milestone11 | |
| Apache Tomcat | =11.0.0-milestone2 | |
| Apache Tomcat | =11.0.0-milestone3 | |
| Apache Tomcat | =11.0.0-milestone4 | |
| Apache Tomcat | =11.0.0-milestone5 | |
| Apache Tomcat | =11.0.0-milestone6 | |
| Apache Tomcat | =11.0.0-milestone7 | |
| Apache Tomcat | =11.0.0-milestone8 | |
| Apache Tomcat | =11.0.0-milestone9 | |
| Apple SwiftNIO HTTP/2 | <1.28.0 | |
| gRPC Go | <1.56.3 | |
| gRPC Go | >=1.58.0<1.58.3 | |
| gRPC Go | =1.57.0 | |
| Microsoft .NET Framework | >=6.0.0<6.0.23 | |
| Microsoft .NET Framework | >=7.0.0<7.0.12 | |
| Microsoft ASP.NET Core | >=6.0.0<6.0.23 | |
| Microsoft ASP.NET Core | >=7.0.0<7.0.12 | |
| Microsoft Azure Kubernetes Service | <2023-10-08 | |
| Microsoft Visual Studio 2022 | >=17.0<17.2.20 | |
| Microsoft Visual Studio 2022 | >=17.4<17.4.12 | |
| Microsoft Visual Studio 2022 | >=17.6<17.6.8 | |
| Microsoft Visual Studio 2022 | >=17.7<17.7.5 | |
| Microsoft Windows 10 Version 1607 x86 | <10.0.14393.6351 | |
| Microsoft Windows 10 Version 1607 x86 | <10.0.14393.6351 | |
| Microsoft Windows 10 1809 | <10.0.17763.4974 | |
| Microsoft Windows 10 21h2 | <10.0.19044.3570 | |
| Microsoft Windows 10 22h2 | <10.0.19045.3570 | |
| Microsoft Windows 11 21h2 | <10.0.22000.2538 | |
| Microsoft Windows 11 22h2 | <10.0.22621.2428 | |
| Microsoft Windows Server 2016 | ||
| Microsoft Windows Server 2019 | ||
| Microsoft Windows Server 2022 | ||
| Node.js | <21.0.0 | |
| Microsoft CBL-Mariner | <2023-10-11 | |
| H2O.ai H2O | <2023-10-10 | |
| Facebook Proxygen | <2023.10.16.00 | |
| Apache APISIX | <3.6.1 | |
| Apache Traffic Server | >=8.0.0<8.1.9 | |
| Apache Traffic Server | >=9.0.0<9.2.3 | |
| OpenSearch Data Prepper | <2.5.0 | |
| Debian GNU/Linux | =10.0 | |
| Debian GNU/Linux | =11.0 | |
| Debian GNU/Linux | =12.0 | |
| kazu-yamamoto http2 | <4.2.2 | |
| Istio Istio | <1.17.6 | |
| Istio Istio | >=1.18.0<1.18.3 | |
| Istio Istio | >=1.19.0<1.19.1 | |
| Varnish Cache project Varnish Cache | <2023-10-10 | |
| Traefik | <2.10.5 | |
| Traefik | =3.0.0-beta1 | |
| Traefik | =3.0.0-beta2 | |
| Traefik | =3.0.0-beta3 | |
| Project Contour for Kubernetes | <2023-10-11 | |
| Linkerd Linkerd | >=2.12.0<=2.12.5 | |
| Linkerd Linkerd | =2.13.0 | |
| Linkerd Linkerd | =2.13.1 | |
| Linkerd Linkerd | =2.14.0 | |
| Linkerd Linkerd | =2.14.1 | |
| Line Corporation Armeria | <1.26.0 | |
| Red Hat 3scale API Management Platform | =2.0 | |
| redhat advanced cluster management for kubernetes | =2.0 | |
| Red Hat Advanced Cluster Security | =3.0 | |
| Red Hat Advanced Cluster Security | =4.0 | |
| redhat ANSIBLE automation platform | =2.0 | |
| Red Hat Build of OptaPlanner | =8.0 | |
| Red Hat Quarkus | ||
| redhat Ceph storage | =5.0 | |
| Red Hat Cert Manager Operator for Red Hat OpenShift | ||
| Red Hat Enterprise Linux | =8.0 | |
| Red Hat Enterprise Linux | =9.0 | |
| Red Hat Cost Management | ||
| Red Hat Cryostat | =2.0 | |
| redhat decision manager | =7.0 | |
| Red Hat Fence Agents Remediation Operator | ||
| Apache Camel | ||
| Apache Camel | ||
| Red Hat Integration - Service Registry | ||
| redhat jboss a-mq | =7 | |
| Red Hat JBoss A-MQ Streams | ||
| redhat jboss core services | ||
| redhat jboss data grid | =7.0.0 | |
| redhat jboss enterprise application platform | =6.0.0 | |
| redhat jboss enterprise application platform | =7.0.0 | |
| Red Hat JBoss Fuse | =6.0.0 | |
| Red Hat JBoss Fuse | =7.0.0 | |
| Red Hat Logging Subsystem for Red Hat OpenShift | ||
| Red Hat Machine Deletion Remediation Operator | ||
| Red Hat Migration Toolkit for Applications | =6.0 | |
| redhat migration toolkit for containers | ||
| Red Hat Migration Toolkit for Virtualization | ||
| Red Hat Network Observability Operator | ||
| redhat node healthcheck operator | ||
| Red Hat Node Maintenance Operator | ||
| Red Hat OpenShift AWS | ||
| Red Hat OpenShift API for Data Protection | ||
| redhat openshift container platform | =4.0 | |
| Red Hat OpenShift Container Platform Assisted Installer | ||
| Red Hat OpenShift Data Science | ||
| Red Hat OpenShift Dev Spaces | ||
| Red Hat OpenShift Developer Tools and Services | ||
| Red Hat OpenShift Distributed Tracing | ||
| Red Hat OpenShift GitOps | ||
| Red Hat OpenShift Pipelines | ||
| Red Hat OpenShift Sandboxed Containers | ||
| Red Hat OpenShift Secondary Scheduler Operator | ||
| Red Hat OpenShift Serverless | ||
| redhat openshift service mesh | =2.0 | |
| Red Hat OpenShift Virtualization | =4 | |
| Red Hat OpenStack Platform | =16.1 | |
| Red Hat OpenStack Platform | =16.2 | |
| Red Hat OpenStack Platform | =17.1 | |
| Red Hat Process Automation Manager | =7.0 | |
| redhat quay | =3.0.0 | |
| Red Hat Run Once Duration Override Operator | ||
| redhat satellite | =6.0 | |
| Red Hat Self Node Remediation Operator | ||
| Red Hat Service Interconnect | =1.0 | |
| redhat single sign-on | =7.0 | |
| Red Hat Support for Spring Boot | ||
| redhat web terminal | ||
| Red Hat Enterprise Linux | =6.0 | |
| Red Hat Enterprise Linux | =8.0 | |
| Red Hat Enterprise Linux | =9.0 | |
| Red Hat Service Telemetry Framework | =1.5 | |
| Red Hat Enterprise Linux | =8.0 | |
| Fedoraproject Fedora | =38 | |
| NetApp Astra Control Center | ||
| Lightbend Akka HTTP | <10.5.3 | |
| Kong Gateway | <3.4.2 | |
| gRPC | <=1.59.2 | |
| Node.js | >=18.0.0<18.18.2 | |
| Node.js | >=20.0.0<20.8.1 | |
| linkerd | >=2.12.0<=2.12.5 | |
| linkerd | =2.13.0 | |
| linkerd | =2.13.1 | |
| linkerd | =2.14.0 | |
| linkerd | =2.14.1 | |
| All of | ||
| Red Hat Service Telemetry Framework | =1.5 | |
| Red Hat Enterprise Linux | =8.0 | |
| Fedoraproject Fedora | =37 | |
| NetApp OnCommand Insight | ||
| Jenkins | <=2.414.2 | |
| Jenkins | <=2.427 | |
| Apache Solr | <9.4.0 | |
| OpenResty | <1.21.4.3 | |
| Cisco Connected Mobile Experiences | <11.1 | |
| cisco crosswork data gateway | <4.1.3 | |
| cisco crosswork data gateway | =5.0 | |
| cisco crosswork zero touch provisioning | <6.0.0 | |
| Cisco Data Center Network Manager | ||
| Cisco Enterprise Chat and Email | ||
| Cisco Expressway-C | <x14.3.3 | |
| Cisco Firepower Threat Defense | <7.4.2 | |
| Cisco IoT Field Network Director | <4.11.0 | |
| Cisco Prime Access Registrar | <9.3.3 | |
| cisco prime cable provisioning | <7.2.1 | |
| Cisco Prime Infrastructure | <3.10.4 | |
| Cisco Prime Network Registrar | <11.2 | |
| Cisco Secure Dynamic Attributes Connector | <2.2.0 | |
| Cisco Secure Malware Analytics | <2.19.2 | |
| Cisco TelePresence Video Communication Server Firmware | <x14.3.3 | |
| Cisco Ultra Cloud Core | <2024.01.0 | |
| Cisco Ultra Cloud Core | =2024.01.0 | |
| Cisco Ultra Cloud Core | <2024.02.0 | |
| Cisco Ultra Cloud Core | <2024.02.0 | |
| Cisco Unified Attendant Console Advanced | ||
| Cisco Unified Contact Center Domain Manager | ||
| Cisco IP Contact Center Enterprise | ||
| Cisco Unified Contact Center Enterprise - Live Data Server | <12.6.2 | |
| Cisco Unified Contact Center Domain Manager | ||
| Cisco Fog Director | <1.22 | |
| Cisco IOS XE | <17.15.1 | |
| Cisco IOS XRv 9000 | <7.11.2 | |
| All of | ||
| Cisco Secure Web Appliance | <15.1.0 | |
| Cisco Secure Web Appliance | ||
| All of | ||
| Any of | ||
| Cisco NX-OS | <10.2\(7\) | |
| Cisco NX-OS | >=10.3\(1\)<10.3\(5\) | |
| Any of | ||
| Cisco Nexus 3016Q Firmware | ||
| Cisco Nexus 3016Q | ||
| Cisco Nexus 3048 Firmware | ||
| Cisco Nexus 3064x | ||
| Cisco Nexus 3064 | ||
| Cisco Nexus 3064 | ||
| Cisco Nexus 3064x | ||
| Cisco Nexus 3064 | ||
| Cisco Nexus 3064X Firmware | ||
| Cisco Nexus 3100 | ||
| Cisco Nexus 3100v | ||
| Cisco Nexus 3100-Z firmware | ||
| Cisco Nexus 3100-V | ||
| Cisco Nexus 31108PV-V | ||
| Cisco Nexus 31108PV-V Firmware | ||
| Cisco Nexus 31108TC-V Firmware | ||
| Cisco Nexus 31128PQ | ||
| Cisco Nexus 3132C-Z Firmware | ||
| Cisco Nexus 3132Q-XL | ||
| Cisco Nexus 3132Q-V Firmware | ||
| Cisco Nexus 3132Q-X/3132Q-XL | ||
| Cisco Nexus 3132Q-X/3132Q-XL | ||
| Cisco Nexus 3132Q-X/3132Q-XL | ||
| Cisco Nexus 3164Q Firmware | ||
| Cisco Nexus 3172 | ||
| Cisco Nexus 3172PQ/PQ-XL | ||
| Cisco Nexus 3172PQ/PQ-XL | ||
| Cisco Nexus 3172PQ/PQ-XL | ||
| Cisco Nexus 3172TQ Firmware | ||
| Cisco Nexus 3172TQ-XL | ||
| Cisco Nexus 3172TQ-XL Firmware | ||
| Cisco Nexus 3200 | ||
| Cisco Nexus 3232 | ||
| Cisco Nexus 3232C | ||
| Cisco Nexus 3232C | ||
| Cisco Nexus 3264C-E Firmware | ||
| Cisco Nexus 3264Q Firmware | ||
| Cisco Nexus 3400 Firmware | ||
| Cisco Nexus 3408-S Firmware | ||
| Cisco Nexus 34180YC Firmware | ||
| Cisco Nexus 34200YC-SM | ||
| Cisco Nexus 3432D-S Firmware | ||
| Cisco Nexus 3464C Firmware | ||
| Cisco Nexus 3500 Platform | ||
| Cisco Nexus 3524-xl | ||
| Cisco Nexus 3524-xl | ||
| Cisco Nexus 3524-x/xl | ||
| Cisco Nexus 3524-x/xl | ||
| Cisco Nexus 3548-X/XL Firmware | ||
| Cisco Nexus 3548-X/XL | ||
| Cisco Nexus 3548-x/xl | ||
| Cisco Nexus 3548-X/XL | ||
| Cisco Nexus 3600 | ||
| Cisco Nexus 36180YC-R Firmware | ||
| Cisco Nexus 3636C-R Firmware | ||
| All of | ||
| Any of | ||
| Cisco NX-OS | <10.2\(7\) | |
| Cisco NX-OS | >=10.3\(1\)<10.3\(5\) | |
| Any of | ||
| Cisco NX-OS Nexus 9000 Series | ||
| Cisco Nexus 9200 firmware | ||
| Cisco Nexus 9200 | ||
| Cisco Nexus 92160YC Switch | ||
| Cisco Nexus 92160YC Switch | ||
| Cisco Nexus 9221C Firmware | ||
| Cisco Nexus 92300YC Switch | ||
| Cisco Nexus 92300YC | ||
| Cisco Nexus 92304qc | ||
| Cisco Nexus 92304QC Switch | ||
| Cisco Nexus 9232E | ||
| Cisco Nexus 92348GC-X Switch | ||
| Cisco Nexus 9236c | ||
| Cisco Nexus 9236C Switch | ||
| Cisco Nexus 9272Q Switch | ||
| Cisco Nexus 9272Q Switch | ||
| Cisco Nexus 9300 Firmware | ||
| Cisco Nexus | ||
| Cisco Nexus 93108TC-EX-24 Switch | ||
| Cisco Nexus 93108TC-EX-24 | ||
| Cisco Nexus 93108TC-FX Switch | ||
| Cisco Nexus 93108TC-FX Switch | ||
| Cisco Nexus 93108TC-FX3H | ||
| Cisco Nexus 93108TC-FX3P Firmware | ||
| Cisco Nexus 93120tx | ||
| Cisco Nexus 93120TX Switch | ||
| Cisco Nexus 93128TX Switch | ||
| Cisco Nexus 93128tx | ||
| Cisco Nexus 93128TX Firmware | ||
| Cisco Nexus 9316D-GX Firmware | ||
| Cisco Nexus 93180LC-EX Switch | ||
| Cisco Nexus 93180LC-EX | ||
| Cisco Nexus 93180TC-EX Firmware | ||
| Cisco Nexus 93180YC-EX | ||
| Cisco Nexus 93180YC-EX-24 Firmware | ||
| Cisco Nexus 93180YC-EX-24 | ||
| Cisco Nexus 93180YC-FX Firmware | ||
| Cisco Nexus 93180YC-FX-24 Firmware | ||
| Cisco Nexus 93180YC-FX3 Firmware | ||
| Cisco Nexus 93180YC-FX3H | ||
| Cisco Nexus 93180YC-FX3S Firmware | ||
| Cisco Nexus 93216TC-FX2 Firmware | ||
| Cisco Nexus 93240TC-FX2 | ||
| Cisco Nexus 93240YC-FX2 Firmware | ||
| Cisco Nexus 9332C Firmware | ||
| Cisco Nexus 9332D-GX2B firmware | ||
| Cisco Nexus 9332D-H2R | ||
| Cisco Nexus 9332pq | ||
| Cisco Nexus 9332PQ Switch | ||
| Cisco Nexus 93360YC-FX2 | ||
| Cisco Nexus 9336C-FX2 Firmware | ||
| Cisco Nexus 9336C-FX2-E Firmware | ||
| Cisco Nexus N9336PQ | ||
| Cisco Nexus 9336PQ ACI Spine Switch | ||
| Cisco Nexus N9336PQ-X | ||
| Cisco Nexus 9336PQ | ||
| Cisco Nexus 9348D-GX2A | ||
| Cisco Nexus 9348GC-FX3 | ||
| Cisco Nexus 9348GC-FXP Firmware | ||
| Cisco Nexus 93600CD-GX Firmware | ||
| Cisco Nexus 9364C-GX Firmware | ||
| Cisco Nexus 9364C-GX Firmware | ||
| Cisco Nexus 9364D-GX2A Firmware | ||
| Cisco Nexus 9372px | ||
| Cisco Nexus 9372PX-E Switch | ||
| Cisco Nexus 9372PX-E | ||
| Cisco Nexus 9272Q Switch | ||
| Cisco Nexus 9372tx | ||
| Cisco Nexus 9372TX-E Switch | ||
| Cisco Nexus 9372TX-E | ||
| Cisco Nexus 9272Q Switch | ||
| Cisco Nexus 9396px | ||
| Cisco Nexus 9396PX Switch | ||
| Cisco Nexus 9396tx | ||
| Cisco Nexus 9272Q Switch | ||
| Cisco Nexus 9408 | ||
| Cisco Nexus 9432PQ | ||
| Cisco Nexus 9500 firmware | ||
| Cisco Nexus 9500 | ||
| Cisco Nexus 9500 | ||
| Cisco Nexus 9500 | ||
| Cisco Nexus 9500 Supervisor A | ||
| Cisco Nexus 9500 Supervisor A+ | ||
| Cisco Nexus 9500 Supervisor B firmware | ||
| Cisco Nexus 9500 Supervisor B+ | ||
| Cisco Nexus 9500R Firmware | ||
| Cisco Nexus 9504 | ||
| Cisco Nexus | ||
| Cisco Nexus 9508 | ||
| Cisco Nexus | ||
| Cisco Nexus 9516 | ||
| Cisco Nexus | ||
| Cisco Nexus 9536PQ Firmware | ||
| Cisco Nexus 9636PQ Firmware | ||
| Cisco Nexus 9716D-GX Firmware | ||
| Cisco Nexus 9736PQ Firmware | ||
| Cisco Nexus 9800 Firmware | ||
| Cisco Nexus 9804 | ||
| Cisco Nexus 9808 | ||
| debian/dnsdist | <=1.5.1-3<=1.7.3-2 | 1.9.8-1 |
| debian/grpc | <=1.30.2-3<=1.51.1-3<=1.51.1-5 | |
| debian/h2o | <=2.2.5+dfsg2-6<=2.2.5+dfsg2-7 | 2.2.5+dfsg2-11 |
| debian/haproxy | 2.2.9-2+deb11u6 2.6.12-1+deb12u1 3.0.8-1 | |
| debian/jetty9 | 9.4.50-4+deb11u2 9.4.50-4+deb12u3 9.4.56-1 | |
| debian/netty | 1:4.1.48-4+deb11u2 1:4.1.48-7+deb12u1 1:4.1.48-10 | |
| debian/nghttp2 | 1.43.0-1+deb11u1 1.43.0-1+deb11u2 1.52.0-1+deb12u2 1.52.0-1+deb12u1 1.64.0-1 | |
| debian/nginx | <=1.18.0-6.1+deb11u3<=1.22.1-9 | 1.26.3-2 |
| debian/tomcat10 | 10.1.6-1+deb12u2 10.1.34-0+deb12u1 10.1.35-1 | |
| debian/tomcat9 | 9.0.43-2~deb11u10 9.0.43-2~deb11u11 9.0.70-2 9.0.95-1 | |
| debian/trafficserver | 8.1.10+ds-1~deb11u1 8.1.11+ds-0+deb11u2 9.2.5+ds-0+deb12u1 9.2.5+ds-1 | |
| debian/varnish | <=6.5.1-1+deb11u3<=7.1.1-1.1 | 7.6.1-2 |
| IBM Data Virtualization on Cloud Pak for Data | <=3.0 | |
| IBM Watson Query with Cloud Pak for Data | <=2.2 | |
| IBM Watson Query with Cloud Pak for Data | <=2.1 | |
| IBM Watson Query with Cloud Pak for Data | <=2.0 | |
| IBM Data Virtualization on Cloud Pak for Data | <=1.8 | |
| IBM Data Virtualization on Cloud Pak for Data | <=1.7 | |
| redhat/golang | <1.21.3 | 1.21.3 |
| redhat/golang | <1.20.10 | 1.20.10 |
| redhat/tomcat | <11.0.0 | 11.0.0 |
| redhat/tomcat | <10.1.14 | 10.1.14 |
| redhat/tomcat | <9.0.81 | 9.0.81 |
| redhat/tomcat | <8.5.94 | 8.5.94 |
| redhat/nghttp2 | <1.57.0 | 1.57.0 |
| redhat/netty | <4.1.100. | 4.1.100. |
| Fortinet FortiOS IPS Engine | >=7.4.0<=7.4.1 | |
| Fortinet FortiOS IPS Engine | >=7.2.0<=7.2.7 | |
| Fortinet FortiOS IPS Engine | >=7.0.0<=7.0.13 | |
| Fortinet FortiProxy | >=7.4.0<=7.4.1 | |
| Fortinet FortiProxy | >=7.2.0<=7.2.7 | |
| Fortinet FortiProxy | >=7.0 | |
| F5 BIG-IP Next (LTM) | =20.0.1 | 20.1.0 |
| F5 BIG-IP Next | >=1.5.0<=1.8.2 | |
| F5 BIG-IP and BIG-IQ Centralized Management | >=17.1.0<=17.1.1 | 17.1.1.3 |
| F5 BIG-IP and BIG-IQ Centralized Management | >=16.1.0<=16.1.4 | 16.1.4.3 |
| F5 BIG-IP and BIG-IQ Centralized Management | >=15.1.0<=15.1.10 | 15.1.10.4 |
| F5 BIG-IP and BIG-IQ Centralized Management | >=14.1.0<=14.1.5 | |
| F5 BIG-IP and BIG-IQ Centralized Management | >=13.1.0<=13.1.5 | |
| NGINX | =25 | 30 |
| Nginx | >=1.9.5<=1.25.2 | |
| Kubernetes Nginx Ingress Controller | >=3.0.0<=3.3.0 | 3.3.1 |
| Kubernetes Nginx Ingress Controller | >=2.0.0<=2.4.2 | |
| Kubernetes Nginx Ingress Controller | =1.12.2 | |
| Visual Studio Professional 2022 | =17.6 | |
| Visual Studio Professional 2022 | =17.2 | |
| Visual Studio Professional 2022 | =17.7 |
Remedy
https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html
Remedy
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 (Advisory)
- https://security-tracker.debian.org/tracker/CVE-2023-44487
- https://www.cve.org/CVERecord?id=CVE-2023-44487
- https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p
- https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61
- https://salsa.debian.org/java-team/netty/-/commit/538e85cc9d5a9ff26afcab6d242db4df18a57ce3
- https://security-tracker.debian.org/tracker/CVE-2023-34462
- https://bugs.debian.org/1054234
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054234
- https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/
- https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
- https://www.bleepingcomputer.com/news/security/new-fortinet-rce-flaw-in-ssl-vpn-likely-exploited-in-attacks/
- https://www.debian.org/security/2023/dsa-5521
- https://www.debian.org/security/2023/dsa-5522
- https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack
- https://github.com/advisories/GHSA-xpw8-rcwv-8f8p
- https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113
- https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73
- https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1
- https://github.com/kazu-yamamoto/http2/issues/93
- https://github.com/kubernetes/kubernetes/pull/121120
- https://github.com/opensearch-project/data-prepper/issues/3474
- https://github.com/oqtane/oqtane.framework/discussions/3367
- https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q
- https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html
- https://netty.io/news/2023/10/10/4-1-100-Final.html
- https://news.ycombinator.com/item?id=37837043
- https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected
- https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14
- https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487
- https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487
- https://www.openwall.com/lists/oss-security/2023/10/10/6
- https://aws.amazon.com/security/security-bulletins/AWS-2023-011/
- https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
- https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/
- https://bugzilla.proxmox.com/show_bug.cgi?id=4988
- https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9
- https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/
- https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack
- https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve
- https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764
- https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088
- https://github.com/advisories/GHSA-vx74-f528-fxqg
- https://github.com/alibaba/tengine/issues/1872
- https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2
- https://github.com/apache/trafficserver/pull/10564
- https://github.com/bcdannyboy/CVE-2023-44487
- https://github.com/caddyserver/caddy/issues/5877
- https://github.com/dotnet/announcements/issues/277
- https://github.com/eclipse/jetty.project/issues/10679
- https://github.com/envoyproxy/envoy/pull/30055
- https://github.com/facebook/proxygen/pull/466
- https://github.com/golang/go/issues/63417
- https://github.com/grpc/grpc-go/pull/6703
- https://github.com/h2o/h2o/pull/3291
- https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf
- https://github.com/haproxy/haproxy/issues/2312
- https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244
- https://github.com/micrictor/http2-rst-stream
- https://github.com/microsoft/CBL-Mariner/pull/6381
- https://github.com/nghttp2/nghttp2/pull/1961
- https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0
- https://github.com/nodejs/node/pull/50121
- https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo
- https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html
- https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/
- https://my.f5.com/manage/s/article/K000137106
- https://news.ycombinator.com/item?id=37830987
- https://news.ycombinator.com/item?id=37830998
- https://news.ycombinator.com/item?id=37831062
- https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/
- https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/
- https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack
- https://access.redhat.com/security/cve/cve-2023-44487
- https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/
- https://blog.vespa.ai/cve-2023-44487/
- https://bugzilla.redhat.com/show_bug.cgi?id=2242803
- https://bugzilla.suse.com/show_bug.cgi?id=1216123
- https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125
- https://github.com/advisories/GHSA-qppj-fm5r-hxr3 (Advisory)
- https://github.com/apache/httpd-site/pull/10
- https://github.com/etcd-io/etcd/issues/16740
- https://github.com/junkurihara/rust-rpxy/issues/97
- https://github.com/line/armeria/pull/5232
- https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632
- https://github.com/ninenines/cowboy/issues/1615
- https://github.com/projectcontour/contour/pull/5826
- https://github.com/tempesta-tech/tempesta/issues/1986
- https://github.com/varnishcache/varnish-cache/issues/3996
- https://istio.io/latest/news/security/istio-security-2023-004/
- https://ubuntu.com/security/CVE-2023-44487
- https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event
- https://github.com/Azure/AKS/issues/3947
- https://github.com/Kong/kong/discussions/11741
- https://github.com/akka/akka-http/issues/4323
- https://github.com/apache/apisix/issues/10320
- https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487
- https://github.com/caddyserver/caddy/releases/tag/v2.7.5
- https://github.com/openresty/openresty/issues/930
- https://security.paloaltonetworks.com/CVE-2023-44487
- https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/
- https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/
- https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html
- https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html
- http://www.openwall.com/lists/oss-security/2023/10/13/4
- http://www.openwall.com/lists/oss-security/2023/10/13/9
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/
- https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/
- https://security.netapp.com/advisory/ntap-20231016-0001/
- https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html
- https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html
- http://www.openwall.com/lists/oss-security/2023/10/18/8
- http://www.openwall.com/lists/oss-security/2023/10/18/4
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/
- http://www.openwall.com/lists/oss-security/2023/10/19/6
- http://www.openwall.com/lists/oss-security/2023/10/20/8
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/
- https://www.debian.org/security/2023/dsa-5540
- https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html
- https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html
- https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/
- https://www.debian.org/security/2023/dsa-5549
- https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/
- https://www.debian.org/security/2023/dsa-5558
- https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html
- https://security.gentoo.org/glsa/202311-09
- https://www.debian.org/security/2023/dsa-5570
- https://security.netapp.com/advisory/ntap-20240426-0007/
- https://security.netapp.com/advisory/ntap-20240621-0006/
- https://security.netapp.com/advisory/ntap-20240621-0007/
- https://launchpad.net/bugs/cve/CVE-2023-44487
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487
- https://nvd.nist.gov/vuln/detail/CVE-2023-44487
- https://www.darkreading.com/cloud-security/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event
- https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3
- https://github.com/hyperium/hyper/issues/3337
- https://chaos.social/@icing/111210915918780532
- https://go.dev/cl/534215
- https://go.dev/cl/534235
- https://go.dev/issue/63417
- https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ
- https://github.com/grpc/grpc-go/releases
- https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12
- https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94
- https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81
- https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size
- https://aws.amazon.com/security/security-bulletins/AWS-2023-011
- https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack
- https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack
- https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty
- https://blog.vespa.ai/cve-2023-44487
- https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps
- https://istio.io/latest/news/security/istio-security-2023-004
- https://linkerd.io/2023/10/12/linkerd-cve-2023-44487
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4
- https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2
- https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response
- https://security.netapp.com/advisory/ntap-20231016-0001
- https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records
- https://www.eclipse.org/lists/jetty-announce/msg00181.html
- https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487
- https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products
- https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday
- https://github.com/akka/akka-http/pull/4325
- https://github.com/akka/akka-http/pull/4324
- https://akka.io/security/akka-http-cve-2023-44487.html
- https://security.netapp.com/advisory/ntap-20240426-0007
- https://security.netapp.com/advisory/ntap-20240621-0006
- https://security.netapp.com/advisory/ntap-20240621-0007
- https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628
- https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2243127
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2243126
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2243249
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2243250
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2243247
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2243248
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2243253
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2243251
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2243252
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2243321
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2243320
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2243327
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2243323
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2243322
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2243326
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2243324
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2243325
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2243331
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2243328
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2243329
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2243330
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2243611
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2243612
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2243613
- https://access.redhat.com/errata/RHSA-2023:5705
- https://access.redhat.com/errata/RHSA-2023:5706
- https://access.redhat.com/errata/RHSA-2023:5707
- https://access.redhat.com/errata/RHSA-2023:5710
- https://access.redhat.com/errata/RHSA-2023:5708
- https://access.redhat.com/errata/RHSA-2023:5711
- https://access.redhat.com/errata/RHSA-2023:5714
- https://access.redhat.com/errata/RHSA-2023:5715
- https://access.redhat.com/errata/RHSA-2023:5709
- https://access.redhat.com/errata/RHSA-2023:5712
- https://access.redhat.com/errata/RHSA-2023:5713
- https://access.redhat.com/errata/RHSA-2023:5719
- https://access.redhat.com/errata/RHSA-2023:5720
- https://access.redhat.com/errata/RHSA-2023:5721
- https://access.redhat.com/errata/RHSA-2023:5738
- https://access.redhat.com/errata/RHSA-2023:5716
- https://access.redhat.com/errata/RHSA-2023:5749
- https://access.redhat.com/errata/RHSA-2023:5724
- https://access.redhat.com/errata/RHSA-2023:5764
- https://access.redhat.com/errata/RHSA-2023:5766
- https://access.redhat.com/errata/RHSA-2023:5765
- https://access.redhat.com/errata/RHSA-2023:5767
- https://access.redhat.com/errata/RHSA-2023:5768
- https://access.redhat.com/errata/RHSA-2023:5770
- https://access.redhat.com/errata/RHSA-2023:5769
- https://access.redhat.com/errata/RHSA-2023:5780
- https://access.redhat.com/errata/RHSA-2023:5783
- https://access.redhat.com/errata/RHSA-2023:5784
- https://access.redhat.com/errata/RHSA-2023:5802
- https://access.redhat.com/errata/RHSA-2023:5803
- https://access.redhat.com/errata/RHSA-2023:5801
- https://access.redhat.com/errata/RHSA-2023:5805
- https://access.redhat.com/errata/RHSA-2023:5679
- https://access.redhat.com/errata/RHSA-2023:5835
- https://access.redhat.com/errata/RHSA-2023:5837
- https://access.redhat.com/errata/RHSA-2023:5838
- https://access.redhat.com/errata/RHSA-2023:5840
- https://access.redhat.com/errata/RHSA-2023:5841
- https://catalog.redhat.com/software/containers/rhel9/go-toolset/61df08166d9a1b7b2aab2344/history?0=a&1=m&2=d&3=6&4=4
- https://catalog.redhat.com/software/containers/rhel8/go-toolset/5b9c810add19c70b45cbd666
- https://access.redhat.com/errata/RHSA-2023:5717
- https://access.redhat.com/errata/RHSA-2023:5849
- https://access.redhat.com/errata/RHSA-2023:5850
- https://access.redhat.com/errata/RHSA-2023:5851
- https://access.redhat.com/errata/RHSA-2023:5864
- https://access.redhat.com/errata/RHSA-2023:5866
- https://access.redhat.com/errata/RHSA-2023:5865
- https://access.redhat.com/errata/RHSA-2023:5867
- https://access.redhat.com/errata/RHSA-2023:5863
- https://access.redhat.com/errata/RHSA-2023:5869
- https://access.redhat.com/errata/RHSA-2023:5920
- https://access.redhat.com/security/cve/CVE-2023-44487
- https://access.redhat.com/errata/RHSA-2023:5922
- https://access.redhat.com/errata/RHSA-2023:5924
- https://access.redhat.com/errata/RHSA-2023:5930
- https://access.redhat.com/errata/RHSA-2023:5931
- https://access.redhat.com/errata/RHSA-2023:5929
- https://access.redhat.com/errata/RHSA-2023:5928
- https://access.redhat.com/errata/RHSA-2023:5935
- https://access.redhat.com/errata/RHSA-2023:5945
- https://access.redhat.com/errata/RHSA-2023:5946
- https://access.redhat.com/errata/RHSA-2023:5541
- https://access.redhat.com/errata/RHSA-2023:5530
- https://access.redhat.com/errata/RHSA-2023:5956
- https://access.redhat.com/errata/RHSA-2023:5969
- https://access.redhat.com/errata/RHSA-2023:5971
- https://access.redhat.com/errata/RHSA-2023:5965
- https://access.redhat.com/errata/RHSA-2023:5964
- https://access.redhat.com/errata/RHSA-2023:5970
- https://access.redhat.com/errata/RHSA-2023:5967
- https://access.redhat.com/errata/RHSA-2023:5973
- https://access.redhat.com/errata/RHSA-2023:5974
- https://access.redhat.com/errata/RHSA-2023:5976
- https://access.redhat.com/errata/RHSA-2023:5978
- https://access.redhat.com/errata/RHSA-2023:5979
- https://access.redhat.com/errata/RHSA-2023:5980
- https://access.redhat.com/errata/RHSA-2023:5982
- https://access.redhat.com/errata/RHSA-2023:5989
- https://access.redhat.com/errata/RHSA-2023:6023
- https://access.redhat.com/errata/RHSA-2023:6022
- https://access.redhat.com/errata/RHSA-2023:6021
- https://access.redhat.com/errata/RHSA-2023:6020
- https://access.redhat.com/errata/RHSA-2023:6030
- https://access.redhat.com/errata/RHSA-2023:6031
- https://access.redhat.com/errata/RHSA-2023:6039
- https://access.redhat.com/errata/RHSA-2023:6041
- https://access.redhat.com/errata/RHSA-2023:6044
- https://access.redhat.com/errata/RHSA-2023:6048
- https://access.redhat.com/errata/RHSA-2023:6057
- https://access.redhat.com/errata/RHSA-2023:6059
- https://access.redhat.com/errata/RHSA-2023:6061
- https://access.redhat.com/errata/RHSA-2023:5902
- https://access.redhat.com/errata/RHSA-2023:5542
- https://access.redhat.com/errata/RHSA-2023:6077
- https://access.redhat.com/errata/RHSA-2023:6079
- https://access.redhat.com/errata/RHSA-2023:6080
- https://access.redhat.com/errata/RHSA-2023:6084
- https://access.redhat.com/errata/RHSA-2023:6085
- https://access.redhat.com/errata/RHSA-2023:5896
- https://access.redhat.com/errata/RHSA-2023:6115
- https://access.redhat.com/errata/RHSA-2023:6117
- https://access.redhat.com/errata/RHSA-2023:6118
- https://access.redhat.com/errata/RHSA-2023:6114
- https://access.redhat.com/errata/RHSA-2023:6120
- https://access.redhat.com/errata/RHSA-2023:6119
- https://access.redhat.com/errata/RHSA-2023:6122
- https://access.redhat.com/errata/RHSA-2023:5947
- https://access.redhat.com/errata/RHSA-2023:5933
- https://access.redhat.com/errata/RHSA-2023:6137
- https://access.redhat.com/errata/RHSA-2023:6106
- https://access.redhat.com/errata/RHSA-2023:6105
- https://access.redhat.com/errata/RHSA-2023:6145
- https://access.redhat.com/errata/RHSA-2023:6148
- https://access.redhat.com/errata/RHSA-2023:6144
- https://access.redhat.com/errata/RHSA-2023:6161
- https://access.redhat.com/errata/RHSA-2023:6165
- https://access.redhat.com/errata/RHSA-2023:6179
- https://access.redhat.com/errata/RHSA-2023:6129
- https://access.redhat.com/errata/RHSA-2023:6200
- https://access.redhat.com/errata/RHSA-2023:6202
- https://access.redhat.com/errata/RHSA-2023:5006
- https://access.redhat.com/errata/RHSA-2023:5009
- https://access.redhat.com/errata/RHSA-2023:6217
- https://access.redhat.com/errata/RHSA-2023:6154
- https://access.redhat.com/errata/RHSA-2023:6233
- https://access.redhat.com/errata/RHSA-2023:6235
- https://access.redhat.com/errata/RHSA-2023:6239
- https://access.redhat.com/errata/RHSA-2023:6248
- https://access.redhat.com/errata/RHSA-2023:6251
- https://access.redhat.com/errata/RHSA-2023:6280
- https://access.redhat.com/errata/RHSA-2023:6286
- https://access.redhat.com/errata/RHSA-2023:6296
- https://access.redhat.com/errata/RHSA-2023:6298
- https://access.redhat.com/errata/RHSA-2023:6305
- https://access.redhat.com/errata/RHSA-2023:6746
- https://access.redhat.com/errata/RHSA-2023:6779
- https://access.redhat.com/errata/RHSA-2023:6782
- https://access.redhat.com/errata/RHSA-2023:6781
- https://access.redhat.com/errata/RHSA-2023:6783
- https://access.redhat.com/errata/RHSA-2023:6784
- https://access.redhat.com/errata/RHSA-2023:6785
- https://access.redhat.com/errata/RHSA-2023:6786
- https://access.redhat.com/errata/RHSA-2023:6787
- https://access.redhat.com/errata/RHSA-2023:6788
- https://access.redhat.com/errata/RHSA-2023:6272
- https://access.redhat.com/errata/RHSA-2023:6817
- https://access.redhat.com/errata/RHSA-2023:6818
- https://access.redhat.com/errata/RHSA-2023:6832
- https://access.redhat.com/errata/RHSA-2023:7205
- https://access.redhat.com/errata/RHSA-2023:7215
- https://access.redhat.com/errata/RHSA-2023:6836
- https://access.redhat.com/errata/RHSA-2023:7218
- https://access.redhat.com/errata/RHSA-2023:6269
- https://access.redhat.com/errata/RHSA-2023:6837
- https://access.redhat.com/errata/RHSA-2023:6840
- https://access.redhat.com/errata/RHSA-2023:7247
- https://access.redhat.com/errata/RHSA-2023:6839
- https://access.redhat.com/errata/RHSA-2023:7288
- https://access.redhat.com/errata/RHSA-2023:7334
- https://access.redhat.com/errata/RHSA-2023:7335
- https://access.redhat.com/errata/RHSA-2023:7344
- https://access.redhat.com/errata/RHSA-2023:7345
- https://access.redhat.com/errata/RHSA-2023:7315
- https://access.redhat.com/errata/RHSA-2023:7325
- https://access.redhat.com/errata/RHSA-2023:7484
- https://access.redhat.com/errata/RHSA-2023:7482
- https://access.redhat.com/errata/RHSA-2023:7483
- https://access.redhat.com/errata/RHSA-2023:7486
- https://access.redhat.com/errata/RHSA-2023:7488
- https://access.redhat.com/errata/RHSA-2023:7521
- https://access.redhat.com/errata/RHSA-2023:7522
- https://access.redhat.com/errata/RHSA-2023:7555
- https://access.redhat.com/errata/RHSA-2023:7481
- https://access.redhat.com/errata/RHSA-2023:7587
- https://access.redhat.com/errata/RHSA-2023:7639
- https://access.redhat.com/errata/RHSA-2023:7637
- https://access.redhat.com/errata/RHSA-2023:7638
- https://access.redhat.com/errata/RHSA-2023:7641
- https://access.redhat.com/errata/RHSA-2023:7653
- https://access.redhat.com/errata/RHSA-2023:7610
- https://access.redhat.com/errata/RHSA-2023:7699
- https://access.redhat.com/errata/RHSA-2023:7703
- https://access.redhat.com/errata/RHSA-2023:7704
- https://access.redhat.com/errata/RHSA-2023:7741
- https://access.redhat.com/errata/RHSA-2024:0777
- https://access.redhat.com/errata/RHSA-2023:7198
- https://access.redhat.com/errata/RHSA-2023:7201
- https://access.redhat.com/errata/RHSA-2024:0269
- https://access.redhat.com/errata/RHSA-2024:0302
- https://access.redhat.com/errata/RHSA-2024:1444
- https://access.redhat.com/errata/RHSA-2024:2633
- https://github.com/apache/tomcat/commit/76bb4bfbfeae827dce896f650655bbf6e251ed49
- https://github.com/apache/tomcat/commit/6d1a9fd6642387969e4410b9989c85856b74917a
- https://github.com/apache/trafficserver/commit/b28ad74f117307e8de206f1de70c3fa716f90682
- https://github.com/apache/trafficserver/commit/d742d74039aaa548dda0148ab4ba207906abc620
- https://github.com/grpc/grpc/pull/34763
- https://github.com/h2o/h2o/commit/28fe15117b909588bf14269a0e1c6ec4548579fe
- http://git.haproxy.org/?p=haproxy.git;a=commit;h=f210191dcdf32a2cb263c5bd22b7fc98698ce59a
- https://www.mail-archive.com/haproxy@formilux.org/msg44134.html
- https://www.mail-archive.com/haproxy@formilux.org/msg44136.html
- https://github.com/nginx/nginx/commit/6ceef192e7af1c507826ac38a2d43f08bf265fb9
- https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg
- https://github.com/nghttp2/nghttp2/commit/72b4af6143681f528f1d237b21a9a7aee1738832
- https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.53.v20231009
- https://varnish-cache.org/security/VSV00013.html
- https://varnish-cache.org/docs/7.5/whats-new/changes-7.5.html#cve-2023-44487
- https://www.openwall.com/lists/oss-security/2023/10/13/9
- https://www.ibm.com/support/pages/node/7183851 (Advisory)
- https://www.fortiguard.com/psirt/cvrf/FG-IR-23-397
- https://www.fortiguard.com/psirt/FG-IR-23-397
Frequently Asked Questions
What is the severity of CVE-2023-44487?
CVE-2023-44487 has been classified with a critical severity rating due to its potential for exploitation through rapid reset attacks in the HTTP/2 protocol.
How do I fix CVE-2023-44487?
To remediate CVE-2023-44487, users should apply the security patches and updates provided by their software vendors for affected products or libraries.
What products are affected by CVE-2023-44487?
CVE-2023-44487 affects multiple Microsoft Windows versions, .NET, various Debian packages, and notable server and application software relying on HTTP/2.
Can CVE-2023-44487 be exploited remotely?
Yes, attackers can exploit CVE-2023-44487 remotely to disrupt services by sending malicious HTTP/2 requests that trigger rapid stream resets.
What is the recommended action for administrators regarding CVE-2023-44487?
Administrators should prioritize assessing their environments for affected software, applying available updates immediately, and monitoring for suspicious activity.
- collector/oss-sec
- alias/CVE-2023-44487
- collector/msrc
- collector/debian-bugs
- agent/type
- agent/first-publish-date
- agent/weakness
- agent/author
- collector/msrc-cve
- source/Microsoft
- agent/software-canonical-lookup
- collector/bleeping-computer
- source/BleepingComputer
- collector/the-register
- source/The Register
- agent/software-canonical-lookup-request
- alias/CVE-2024-21762
- alias/CVE-2024-23113
- alias/CVE-2023-47537
- agent/title
- collector/launchpad-cve
- source/Launchpad
- collector/mitre-cve
- source/MITRE
- collector/usn-cve
- source/Ubuntu
- exploited/true
- collector/fortiguard-psirt-latest
- source/FortiGuard
- collector/darkreading
- source/Dark Reading
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-qppj-fm5r-hxr3
- agent/remedy
- collector/github-advisory
- agent/source
- agent/severity
- collector/cisa-known-exploited
- source/CISA
- agent/description
- agent/news-ai
- zeroday/true
- collector/nvd-index
- collector/nvd-api
- source/NVD
- collector/nvd-cve
- agent/references
- agent/trending
- agent/event
- collector/security-tracker-debian
- source/Debian
- collector/ibm-support
- source/IBM
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/redhat-bugzilla
- source/Red Hat
- collector/fortiguard-psirt
- collector/f5-advisory
- source/F5
- vendor/microsoft
- canonical/microsoft windows 11
- version/microsoft windows 11/21h2
- canonical/microsoft windows server 2022
- version/microsoft windows 11/22h2
- canonical/microsoft windows server 2019
- canonical/microsoft windows 10
- version/microsoft windows 10/21h2
- version/microsoft windows 10/22h2
- version/microsoft windows 10/1809
- version/microsoft windows 10/1607
- package-manager/debian
- canonical/microsoft asp.net core
- version/microsoft asp.net core/7.0
- version/microsoft asp.net core/6.0
- canonical/microsoft windows server 2016
- canonical/microsoft .net 6.0
- canonical/microsoft .net 7.0
- package-manager/maven
- package-manager/swift
- package-manager/go
- vendor/ietf
- canonical/ietf http
- version/ietf http/2.0
- vendor/nghttp2
- canonical/libnghttp2-14
- vendor/netty
- canonical/netty netty
- vendor/envoyproxy
- canonical/envoy proxy
- version/envoy proxy/1.24.10
- version/envoy proxy/1.25.9
- version/envoy proxy/1.26.4
- version/envoy proxy/1.27.0
- vendor/eclipse
- canonical/eclipse jetty
- version/eclipse jetty/10.0.0
- version/eclipse jetty/11.0.0
- version/eclipse jetty/12.0.0
- vendor/caddyserver
- canonical/caddy
- vendor/golang
- canonical/ruby
- version/ruby/1.21.0
- canonical/golang http2 go
- canonical/golang networking go
- vendor/f5
- canonical/f5 big-ip access policy manager
- version/f5 big-ip access policy manager/13.1.0
- version/f5 big-ip access policy manager/13.1.5
- version/f5 big-ip access policy manager/14.1.0
- version/f5 big-ip access policy manager/14.1.5
- version/f5 big-ip access policy manager/15.1.0
- version/f5 big-ip access policy manager/15.1.10
- version/f5 big-ip access policy manager/16.1.0
- version/f5 big-ip access policy manager/16.1.4
- version/f5 big-ip access policy manager/17.1.0
- canonical/f5 big-ip advanced firewall manager
- version/f5 big-ip advanced firewall manager/13.1.0
- version/f5 big-ip advanced firewall manager/13.1.5
- version/f5 big-ip advanced firewall manager/14.1.0
- version/f5 big-ip advanced firewall manager/14.1.5
- version/f5 big-ip advanced firewall manager/15.1.0
- version/f5 big-ip advanced firewall manager/15.1.10
- version/f5 big-ip advanced firewall manager/16.1.0
- version/f5 big-ip advanced firewall manager/16.1.4
- version/f5 big-ip advanced firewall manager/17.1.0
- canonical/f5 big-ip advanced waf/asm
- version/f5 big-ip advanced waf/asm/13.1.0
- version/f5 big-ip advanced waf/asm/13.1.5
- version/f5 big-ip advanced waf/asm/14.1.0
- version/f5 big-ip advanced waf/asm/14.1.5
- version/f5 big-ip advanced waf/asm/15.1.0
- version/f5 big-ip advanced waf/asm/15.1.10
- version/f5 big-ip advanced waf/asm/16.1.0
- version/f5 big-ip advanced waf/asm/16.1.4
- version/f5 big-ip advanced waf/asm/17.1.0
- canonical/f5 big-ip analytics
- version/f5 big-ip analytics/13.1.0
- version/f5 big-ip analytics/13.1.5
- version/f5 big-ip analytics/14.1.0
- version/f5 big-ip analytics/14.1.5
- version/f5 big-ip analytics/15.1.0
- version/f5 big-ip analytics/15.1.10
- version/f5 big-ip analytics/16.1.0
- version/f5 big-ip analytics/16.1.4
- version/f5 big-ip analytics/17.1.0
- canonical/f5 big-ip application acceleration manager
- version/f5 big-ip application acceleration manager/13.1.0
- version/f5 big-ip application acceleration manager/13.1.5
- version/f5 big-ip application acceleration manager/14.1.0
- version/f5 big-ip application acceleration manager/14.1.5
- version/f5 big-ip application acceleration manager/15.1.0
- version/f5 big-ip application acceleration manager/15.1.10
- version/f5 big-ip application acceleration manager/16.1.0
- version/f5 big-ip application acceleration manager/16.1.4
- version/f5 big-ip application acceleration manager/17.1.0
- canonical/f5 big-ip application security manager
- version/f5 big-ip application security manager/13.1.0
- version/f5 big-ip application security manager/13.1.5
- version/f5 big-ip application security manager/14.1.0
- version/f5 big-ip application security manager/14.1.5
- version/f5 big-ip application security manager/15.1.0
- version/f5 big-ip application security manager/15.1.10
- version/f5 big-ip application security manager/16.1.0
- version/f5 big-ip application security manager/16.1.4
- version/f5 big-ip application security manager/17.1.0
- canonical/f5 big-ip application visibility and reporting
- version/f5 big-ip application visibility and reporting/13.1.0
- version/f5 big-ip application visibility and reporting/13.1.5
- version/f5 big-ip application visibility and reporting/14.1.0
- version/f5 big-ip application visibility and reporting/14.1.5
- version/f5 big-ip application visibility and reporting/15.1.0
- version/f5 big-ip application visibility and reporting/15.1.10
- version/f5 big-ip application visibility and reporting/16.1.0
- version/f5 big-ip application visibility and reporting/16.1.4
- version/f5 big-ip application visibility and reporting/17.1.0
- canonical/f5 big-ip carrier-grade nat
- version/f5 big-ip carrier-grade nat/13.1.0
- version/f5 big-ip carrier-grade nat/13.1.5
- version/f5 big-ip carrier-grade nat/14.1.0
- version/f5 big-ip carrier-grade nat/14.1.5
- version/f5 big-ip carrier-grade nat/15.1.0
- version/f5 big-ip carrier-grade nat/15.1.10
- version/f5 big-ip carrier-grade nat/16.1.0
- version/f5 big-ip carrier-grade nat/16.1.4
- version/f5 big-ip carrier-grade nat/17.1.0
- canonical/f5 big-ip ddos hybrid defender
- version/f5 big-ip ddos hybrid defender/13.1.0
- version/f5 big-ip ddos hybrid defender/13.1.5
- version/f5 big-ip ddos hybrid defender/14.1.0
- version/f5 big-ip ddos hybrid defender/14.1.5
- version/f5 big-ip ddos hybrid defender/15.1.0
- version/f5 big-ip ddos hybrid defender/15.1.10
- version/f5 big-ip ddos hybrid defender/16.1.0
- version/f5 big-ip ddos hybrid defender/16.1.4
- version/f5 big-ip ddos hybrid defender/17.1.0
- canonical/f5 big-ip domain name system
- version/f5 big-ip domain name system/13.1.0
- version/f5 big-ip domain name system/13.1.5
- version/f5 big-ip domain name system/14.1.0
- version/f5 big-ip domain name system/14.1.5
- version/f5 big-ip domain name system/15.1.0
- version/f5 big-ip domain name system/15.1.10
- version/f5 big-ip domain name system/16.1.0
- version/f5 big-ip domain name system/16.1.4
- version/f5 big-ip domain name system/17.1.0
- canonical/f5 big-ip fraud protection service
- version/f5 big-ip fraud protection service/13.1.0
- version/f5 big-ip fraud protection service/13.1.5
- version/f5 big-ip fraud protection service/14.1.0
- version/f5 big-ip fraud protection service/14.1.5
- version/f5 big-ip fraud protection service/15.1.0
- version/f5 big-ip fraud protection service/15.1.10
- version/f5 big-ip fraud protection service/16.1.0
- version/f5 big-ip fraud protection service/16.1.4
- version/f5 big-ip fraud protection service/17.1.0
- canonical/f5 big-ip global traffic manager
- version/f5 big-ip global traffic manager/13.1.0
- version/f5 big-ip global traffic manager/13.1.5
- version/f5 big-ip global traffic manager/14.1.0
- version/f5 big-ip global traffic manager/14.1.5
- version/f5 big-ip global traffic manager/15.1.0
- version/f5 big-ip global traffic manager/15.1.10
- version/f5 big-ip global traffic manager/16.1.0
- version/f5 big-ip global traffic manager/16.1.4
- version/f5 big-ip global traffic manager/17.1.0
- canonical/f5 big-ip link controller
- version/f5 big-ip link controller/13.1.0
- version/f5 big-ip link controller/13.1.5
- version/f5 big-ip link controller/14.1.0
- version/f5 big-ip link controller/14.1.5
- version/f5 big-ip link controller/15.1.0
- version/f5 big-ip link controller/15.1.10
- version/f5 big-ip link controller/16.1.0
- version/f5 big-ip link controller/16.1.4
- version/f5 big-ip link controller/17.1.0
- canonical/f5 big-ip local traffic manager
- version/f5 big-ip local traffic manager/13.1.0
- version/f5 big-ip local traffic manager/13.1.5
- version/f5 big-ip local traffic manager/14.1.0
- version/f5 big-ip local traffic manager/14.1.5
- version/f5 big-ip local traffic manager/15.1.0
- version/f5 big-ip local traffic manager/15.1.10
- version/f5 big-ip local traffic manager/16.1.0
- version/f5 big-ip local traffic manager/16.1.4
- version/f5 big-ip local traffic manager/17.1.0
- canonical/f5 big-ip next
- version/f5 big-ip next/20.0.1
- canonical/f5 big-ip next service proxy for kubernetes
- version/f5 big-ip next service proxy for kubernetes/1.5.0
- version/f5 big-ip next service proxy for kubernetes/1.8.2
- canonical/f5 big-ip policy enforcement manager
- version/f5 big-ip policy enforcement manager/13.1.0
- version/f5 big-ip policy enforcement manager/13.1.5
- version/f5 big-ip policy enforcement manager/14.1.0
- version/f5 big-ip policy enforcement manager/14.1.5
- version/f5 big-ip policy enforcement manager/15.1.0
- version/f5 big-ip policy enforcement manager/15.1.10
- version/f5 big-ip policy enforcement manager/16.1.0
- version/f5 big-ip policy enforcement manager/16.1.4
- version/f5 big-ip policy enforcement manager/17.1.0
- canonical/f5 big-ip ssl orchestrator
- version/f5 big-ip ssl orchestrator/13.1.0
- version/f5 big-ip ssl orchestrator/13.1.5
- version/f5 big-ip ssl orchestrator/14.1.0
- version/f5 big-ip ssl orchestrator/14.1.5
- version/f5 big-ip ssl orchestrator/15.1.0
- version/f5 big-ip ssl orchestrator/15.1.10
- version/f5 big-ip ssl orchestrator/16.1.0
- version/f5 big-ip ssl orchestrator/16.1.4
- version/f5 big-ip ssl orchestrator/17.1.0
- canonical/f5 big-ip webaccelerator
- version/f5 big-ip webaccelerator/13.1.0
- version/f5 big-ip webaccelerator/13.1.5
- version/f5 big-ip webaccelerator/14.1.0
- version/f5 big-ip webaccelerator/14.1.5
- version/f5 big-ip webaccelerator/15.1.0
- version/f5 big-ip webaccelerator/15.1.10
- version/f5 big-ip webaccelerator/16.1.0
- version/f5 big-ip webaccelerator/16.1.4
- version/f5 big-ip webaccelerator/17.1.0
- canonical/f5 websafe
- version/f5 websafe/13.1.0
- version/f5 websafe/13.1.5
- version/f5 websafe/14.1.0
- version/f5 websafe/14.1.5
- version/f5 websafe/15.1.0
- version/f5 websafe/15.1.10
- version/f5 websafe/16.1.0
- version/f5 websafe/16.1.4
- version/f5 websafe/17.1.0
- canonical/f5 nginx
- version/f5 nginx/1.9.5
- version/f5 nginx/1.25.2
- canonical/f5 nginx ingress controller
- version/f5 nginx ingress controller/2.0.0
- version/f5 nginx ingress controller/2.4.2
- version/f5 nginx ingress controller/3.0.0
- version/f5 nginx ingress controller/3.3.0
- canonical/nginx plus
- version/nginx plus/r25
- version/nginx plus/r29
- version/nginx plus/r30
- vendor/apache
- canonical/apache tomcat
- version/apache tomcat/8.5.0
- version/apache tomcat/8.5.93
- version/apache tomcat/9.0.0
- version/apache tomcat/9.0.80
- version/apache tomcat/10.1.0
- version/apache tomcat/10.1.13
- version/apache tomcat/11.0.0-milestone1
- version/apache tomcat/11.0.0-milestone10
- version/apache tomcat/11.0.0-milestone11
- version/apache tomcat/11.0.0-milestone2
- version/apache tomcat/11.0.0-milestone3
- version/apache tomcat/11.0.0-milestone4
- version/apache tomcat/11.0.0-milestone5
- version/apache tomcat/11.0.0-milestone6
- version/apache tomcat/11.0.0-milestone7
- version/apache tomcat/11.0.0-milestone8
- version/apache tomcat/11.0.0-milestone9
- vendor/apple
- canonical/apple swiftnio http/2
- vendor/grpc
- canonical/grpc go
- version/grpc go/1.58.0
- version/grpc go/1.57.0
- canonical/microsoft .net framework
- version/microsoft .net framework/6.0.0
- version/microsoft .net framework/7.0.0
- version/microsoft asp.net core/6.0.0
- version/microsoft asp.net core/7.0.0
- canonical/microsoft azure kubernetes service
- canonical/microsoft visual studio 2022
- version/microsoft visual studio 2022/17.0
- version/microsoft visual studio 2022/17.4
- version/microsoft visual studio 2022/17.6
- version/microsoft visual studio 2022/17.7
- canonical/microsoft windows 10 version 1607 x86
- canonical/microsoft windows 10 1809
- canonical/microsoft windows 10 21h2
- canonical/microsoft windows 10 22h2
- canonical/microsoft windows 11 21h2
- canonical/microsoft windows 11 22h2
- vendor/nodejs
- canonical/node.js
- canonical/microsoft cbl-mariner
- vendor/dena
- canonical/h2o.ai h2o
- vendor/facebook
- canonical/facebook proxygen
- canonical/apache apisix
- canonical/apache traffic server
- version/apache traffic server/8.0.0
- version/apache traffic server/9.0.0
- vendor/amazon
- canonical/opensearch data prepper
- vendor/debian
- canonical/debian gnu/linux
- version/debian gnu/linux/10.0
- version/debian gnu/linux/11.0
- version/debian gnu/linux/12.0
- vendor/kazu-yamamoto
- canonical/kazu-yamamoto http2
- vendor/istio
- canonical/istio istio
- version/istio istio/1.18.0
- version/istio istio/1.19.0
- vendor/varnish cache project
- canonical/varnish cache project varnish cache
- vendor/traefik
- canonical/traefik
- version/traefik/3.0.0-beta1
- version/traefik/3.0.0-beta2
- version/traefik/3.0.0-beta3
- vendor/projectcontour
- canonical/project contour for kubernetes
- vendor/linkerd
- canonical/linkerd linkerd
- version/linkerd linkerd/2.12.0
- version/linkerd linkerd/2.12.5
- version/linkerd linkerd/2.13.0
- version/linkerd linkerd/2.13.1
- version/linkerd linkerd/2.14.0
- version/linkerd linkerd/2.14.1
- vendor/linecorp
- canonical/line corporation armeria
- vendor/redhat
- canonical/red hat 3scale api management platform
- version/red hat 3scale api management platform/2.0
- canonical/redhat advanced cluster management for kubernetes
- version/redhat advanced cluster management for kubernetes/2.0
- canonical/red hat advanced cluster security
- version/red hat advanced cluster security/3.0
- version/red hat advanced cluster security/4.0
- canonical/redhat ansible automation platform
- version/redhat ansible automation platform/2.0
- canonical/red hat build of optaplanner
- version/red hat build of optaplanner/8.0
- canonical/red hat quarkus
- canonical/redhat ceph storage
- version/redhat ceph storage/5.0
- canonical/red hat cert manager operator for red hat openshift
- canonical/red hat enterprise linux
- version/red hat enterprise linux/8.0
- version/red hat enterprise linux/9.0
- canonical/red hat cost management
- canonical/red hat cryostat
- version/red hat cryostat/2.0
- canonical/redhat decision manager
- version/redhat decision manager/7.0
- canonical/red hat fence agents remediation operator
- canonical/apache camel
- canonical/red hat integration - service registry
- canonical/redhat jboss a-mq
- version/redhat jboss a-mq/7
- canonical/red hat jboss a-mq streams
- canonical/redhat jboss core services
- canonical/redhat jboss data grid
- version/redhat jboss data grid/7.0.0
- canonical/redhat jboss enterprise application platform
- version/redhat jboss enterprise application platform/6.0.0
- version/redhat jboss enterprise application platform/7.0.0
- canonical/red hat jboss fuse
- version/red hat jboss fuse/6.0.0
- version/red hat jboss fuse/7.0.0
- canonical/red hat logging subsystem for red hat openshift
- canonical/red hat machine deletion remediation operator
- canonical/red hat migration toolkit for applications
- version/red hat migration toolkit for applications/6.0
- canonical/redhat migration toolkit for containers
- canonical/red hat migration toolkit for virtualization
- canonical/red hat network observability operator
- canonical/redhat node healthcheck operator
- canonical/red hat node maintenance operator
- canonical/red hat openshift aws
- canonical/red hat openshift api for data protection
- canonical/redhat openshift container platform
- version/redhat openshift container platform/4.0
- canonical/red hat openshift container platform assisted installer
- canonical/red hat openshift data science
- canonical/red hat openshift dev spaces
- canonical/red hat openshift developer tools and services
- canonical/red hat openshift distributed tracing
- canonical/red hat openshift gitops
- canonical/red hat openshift pipelines
- canonical/red hat openshift sandboxed containers
- canonical/red hat openshift secondary scheduler operator
- canonical/red hat openshift serverless
- canonical/redhat openshift service mesh
- version/redhat openshift service mesh/2.0
- canonical/red hat openshift virtualization
- version/red hat openshift virtualization/4
- canonical/red hat openstack platform
- version/red hat openstack platform/16.1
- version/red hat openstack platform/16.2
- version/red hat openstack platform/17.1
- canonical/red hat process automation manager
- version/red hat process automation manager/7.0
- canonical/redhat quay
- version/redhat quay/3.0.0
- canonical/red hat run once duration override operator
- canonical/redhat satellite
- version/redhat satellite/6.0
- canonical/red hat self node remediation operator
- canonical/red hat service interconnect
- version/red hat service interconnect/1.0
- canonical/redhat single sign-on
- version/redhat single sign-on/7.0
- canonical/red hat support for spring boot
- canonical/redhat web terminal
- version/red hat enterprise linux/6.0
- canonical/red hat service telemetry framework
- version/red hat service telemetry framework/1.5
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/38
- vendor/netapp
- canonical/netapp astra control center
- vendor/akka
- canonical/lightbend akka http
- vendor/konghq
- canonical/kong gateway
- canonical/grpc
- version/grpc/1.59.2
- version/node.js/18.0.0
- version/node.js/20.0.0
- canonical/linkerd
- version/linkerd/2.12.0
- version/linkerd/2.12.5
- version/linkerd/2.13.0
- version/linkerd/2.13.1
- version/linkerd/2.14.0
- version/linkerd/2.14.1
- version/fedoraproject fedora/37
- canonical/netapp oncommand insight
- vendor/jenkins
- canonical/jenkins
- version/jenkins/2.414.2
- version/jenkins/2.427
- canonical/apache solr
- vendor/openresty
- canonical/openresty
- vendor/cisco
- canonical/cisco connected mobile experiences
- canonical/cisco crosswork data gateway
- version/cisco crosswork data gateway/5.0
- canonical/cisco crosswork zero touch provisioning
- canonical/cisco data center network manager
- canonical/cisco enterprise chat and email
- canonical/cisco expressway-c
- canonical/cisco firepower threat defense
- canonical/cisco iot field network director
- canonical/cisco prime access registrar
- canonical/cisco prime cable provisioning
- canonical/cisco prime infrastructure
- canonical/cisco prime network registrar
- canonical/cisco secure dynamic attributes connector
- canonical/cisco secure malware analytics
- canonical/cisco telepresence video communication server firmware
- canonical/cisco ultra cloud core
- version/cisco ultra cloud core/2024.01.0
- canonical/cisco unified attendant console advanced
- canonical/cisco unified contact center domain manager
- canonical/cisco ip contact center enterprise
- canonical/cisco unified contact center enterprise - live data server
- canonical/cisco fog director
- canonical/cisco ios xe
- canonical/cisco ios xrv 9000
- canonical/cisco secure web appliance
- canonical/cisco nx-os
- version/cisco nx-os/10.3\(1\)
- canonical/cisco nexus 3016q firmware
- canonical/cisco nexus 3016q
- canonical/cisco nexus 3048 firmware
- canonical/cisco nexus 3064x
- canonical/cisco nexus 3064
- canonical/cisco nexus 3064x firmware
- canonical/cisco nexus 3100
- canonical/cisco nexus 3100v
- canonical/cisco nexus 3100-z firmware
- canonical/cisco nexus 3100-v
- canonical/cisco nexus 31108pv-v
- canonical/cisco nexus 31108pv-v firmware
- canonical/cisco nexus 31108tc-v firmware
- canonical/cisco nexus 31128pq
- canonical/cisco nexus 3132c-z firmware
- canonical/cisco nexus 3132q-xl
- canonical/cisco nexus 3132q-v firmware
- canonical/cisco nexus 3132q-x/3132q-xl
- canonical/cisco nexus 3164q firmware
- canonical/cisco nexus 3172
- canonical/cisco nexus 3172pq/pq-xl
- canonical/cisco nexus 3172tq firmware
- canonical/cisco nexus 3172tq-xl
- canonical/cisco nexus 3172tq-xl firmware
- canonical/cisco nexus 3200
- canonical/cisco nexus 3232
- canonical/cisco nexus 3232c
- canonical/cisco nexus 3264c-e firmware
- canonical/cisco nexus 3264q firmware
- canonical/cisco nexus 3400 firmware
- canonical/cisco nexus 3408-s firmware
- canonical/cisco nexus 34180yc firmware
- canonical/cisco nexus 34200yc-sm
- canonical/cisco nexus 3432d-s firmware
- canonical/cisco nexus 3464c firmware
- canonical/cisco nexus 3500 platform
- canonical/cisco nexus 3524-xl
- canonical/cisco nexus 3524-x/xl
- canonical/cisco nexus 3548-x/xl firmware
- canonical/cisco nexus 3548-x/xl
- canonical/cisco nexus 3600
- canonical/cisco nexus 36180yc-r firmware
- canonical/cisco nexus 3636c-r firmware
- canonical/cisco nx-os nexus 9000 series
- canonical/cisco nexus 9200 firmware
- canonical/cisco nexus 9200
- canonical/cisco nexus 92160yc switch
- canonical/cisco nexus 9221c firmware
- canonical/cisco nexus 92300yc switch
- canonical/cisco nexus 92300yc
- canonical/cisco nexus 92304qc
- canonical/cisco nexus 92304qc switch
- canonical/cisco nexus 9232e
- canonical/cisco nexus 92348gc-x switch
- canonical/cisco nexus 9236c
- canonical/cisco nexus 9236c switch
- canonical/cisco nexus 9272q switch
- canonical/cisco nexus 9300 firmware
- canonical/cisco nexus
- canonical/cisco nexus 93108tc-ex-24 switch
- canonical/cisco nexus 93108tc-ex-24
- canonical/cisco nexus 93108tc-fx switch
- canonical/cisco nexus 93108tc-fx3h
- canonical/cisco nexus 93108tc-fx3p firmware
- canonical/cisco nexus 93120tx
- canonical/cisco nexus 93120tx switch
- canonical/cisco nexus 93128tx switch
- canonical/cisco nexus 93128tx
- canonical/cisco nexus 93128tx firmware
- canonical/cisco nexus 9316d-gx firmware
- canonical/cisco nexus 93180lc-ex switch
- canonical/cisco nexus 93180lc-ex
- canonical/cisco nexus 93180tc-ex firmware
- canonical/cisco nexus 93180yc-ex
- canonical/cisco nexus 93180yc-ex-24 firmware
- canonical/cisco nexus 93180yc-ex-24
- canonical/cisco nexus 93180yc-fx firmware
- canonical/cisco nexus 93180yc-fx-24 firmware
- canonical/cisco nexus 93180yc-fx3 firmware
- canonical/cisco nexus 93180yc-fx3h
- canonical/cisco nexus 93180yc-fx3s firmware
- canonical/cisco nexus 93216tc-fx2 firmware
- canonical/cisco nexus 93240tc-fx2
- canonical/cisco nexus 93240yc-fx2 firmware
- canonical/cisco nexus 9332c firmware
- canonical/cisco nexus 9332d-gx2b firmware
- canonical/cisco nexus 9332d-h2r
- canonical/cisco nexus 9332pq
- canonical/cisco nexus 9332pq switch
- canonical/cisco nexus 93360yc-fx2
- canonical/cisco nexus 9336c-fx2 firmware
- canonical/cisco nexus 9336c-fx2-e firmware
- canonical/cisco nexus n9336pq
- canonical/cisco nexus 9336pq aci spine switch
- canonical/cisco nexus n9336pq-x
- canonical/cisco nexus 9336pq
- canonical/cisco nexus 9348d-gx2a
- canonical/cisco nexus 9348gc-fx3
- canonical/cisco nexus 9348gc-fxp firmware
- canonical/cisco nexus 93600cd-gx firmware
- canonical/cisco nexus 9364c-gx firmware
- canonical/cisco nexus 9364d-gx2a firmware
- canonical/cisco nexus 9372px
- canonical/cisco nexus 9372px-e switch
- canonical/cisco nexus 9372px-e
- canonical/cisco nexus 9372tx
- canonical/cisco nexus 9372tx-e switch
- canonical/cisco nexus 9372tx-e
- canonical/cisco nexus 9396px
- canonical/cisco nexus 9396px switch
- canonical/cisco nexus 9396tx
- canonical/cisco nexus 9408
- canonical/cisco nexus 9432pq
- canonical/cisco nexus 9500 firmware
- canonical/cisco nexus 9500
- canonical/cisco nexus 9500 supervisor a
- canonical/cisco nexus 9500 supervisor a+
- canonical/cisco nexus 9500 supervisor b firmware
- canonical/cisco nexus 9500 supervisor b+
- canonical/cisco nexus 9500r firmware
- canonical/cisco nexus 9504
- canonical/cisco nexus 9508
- canonical/cisco nexus 9516
- canonical/cisco nexus 9536pq firmware
- canonical/cisco nexus 9636pq firmware
- canonical/cisco nexus 9716d-gx firmware
- canonical/cisco nexus 9736pq firmware
- canonical/cisco nexus 9800 firmware
- canonical/cisco nexus 9804
- canonical/cisco nexus 9808
- vendor/ibm
- canonical/ibm data virtualization on cloud pak for data
- version/ibm data virtualization on cloud pak for data/3.0
- canonical/ibm watson query with cloud pak for data
- version/ibm watson query with cloud pak for data/2.2
- version/ibm watson query with cloud pak for data/2.1
- version/ibm watson query with cloud pak for data/2.0
- version/ibm data virtualization on cloud pak for data/1.8
- version/ibm data virtualization on cloud pak for data/1.7
- package-manager/redhat
- vendor/fortinet
- canonical/fortinet fortios ips engine
- version/fortinet fortios ips engine/7.4.0
- version/fortinet fortios ips engine/7.4.1
- version/fortinet fortios ips engine/7.2.0
- version/fortinet fortios ips engine/7.2.7
- version/fortinet fortios ips engine/7.0.0
- version/fortinet fortios ips engine/7.0.13
- canonical/fortinet fortiproxy
- version/fortinet fortiproxy/7.4.0
- version/fortinet fortiproxy/7.4.1
- version/fortinet fortiproxy/7.2.0
- version/fortinet fortiproxy/7.2.7
- version/fortinet fortiproxy/7.0
- canonical/f5 big-ip next (ltm)
- version/f5 big-ip next (ltm)/20.0.1
- version/f5 big-ip next/1.5.0
- version/f5 big-ip next/1.8.2
- canonical/f5 big-ip and big-iq centralized management
- version/f5 big-ip and big-iq centralized management/17.1.0
- version/f5 big-ip and big-iq centralized management/17.1.1
- version/f5 big-ip and big-iq centralized management/16.1.0
- version/f5 big-ip and big-iq centralized management/16.1.4
- version/f5 big-ip and big-iq centralized management/15.1.0
- version/f5 big-ip and big-iq centralized management/15.1.10
- version/f5 big-ip and big-iq centralized management/14.1.0
- version/f5 big-ip and big-iq centralized management/14.1.5
- version/f5 big-ip and big-iq centralized management/13.1.0
- version/f5 big-ip and big-iq centralized management/13.1.5
- canonical/nginx
- version/nginx/25
- version/nginx/1.9.5
- version/nginx/1.25.2
- canonical/kubernetes nginx ingress controller
- version/kubernetes nginx ingress controller/3.0.0
- version/kubernetes nginx ingress controller/3.3.0
- version/kubernetes nginx ingress controller/2.0.0
- version/kubernetes nginx ingress controller/2.4.2
- version/kubernetes nginx ingress controller/1.12.2
- canonical/visual studio professional 2022
- version/visual studio professional 2022/17.6
- version/visual studio professional 2022/17.4
- version/visual studio professional 2022/17.2
- version/visual studio professional 2022/17.7