Latest apple swiftnio Vulnerabilities

CVE-2022-3215
NIOHTTP1 and projects using it for generating HTTP responses can be subject to a HTTP Response Injection attack. This occurs when a HTTP/1.1 server accepts user generated input from an incoming reques...
Apple Swiftnio<2.29.1
Apple Swiftnio>=2.30.0<2.39.1
Apple Swiftnio>=2.40.0<2.42.0
CVE-2019-9517
Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constr...
redhat/jbcs-httpd24-httpd<0:2.4.29-41.jbcs.el6
redhat/jbcs-httpd24-nghttp2<0:1.39.2-1.jbcs.el6
redhat/jbcs-httpd24-apr<0:1.6.3-63.jbcs.el6
redhat/jbcs-httpd24-apr-util<0:1.6.1-48.jbcs.el6
redhat/jbcs-httpd24-brotli<0:1.0.6-7.jbcs.el6
redhat/jbcs-httpd24-curl<0:7.64.1-14.jbcs.el6
and 77 more
CVE-2019-9511
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data ...
redhat/jbcs-httpd24-httpd<0:2.4.29-41.jbcs.el6
redhat/jbcs-httpd24-nghttp2<0:1.39.2-1.jbcs.el6
redhat/jbcs-httpd24-apr<0:1.6.3-63.jbcs.el6
redhat/jbcs-httpd24-apr-util<0:1.6.1-48.jbcs.el6
redhat/jbcs-httpd24-brotli<0:1.0.6-7.jbcs.el6
redhat/jbcs-httpd24-curl<0:7.64.1-14.jbcs.el6
and 168 more
CVE-2019-9516
Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, o...
redhat/jbcs-httpd24-httpd<0:2.4.29-41.jbcs.el6
redhat/jbcs-httpd24-nghttp2<0:1.39.2-1.jbcs.el6
redhat/jbcs-httpd24-apr<0:1.6.3-63.jbcs.el6
redhat/jbcs-httpd24-apr-util<0:1.6.1-48.jbcs.el6
redhat/jbcs-httpd24-brotli<0:1.0.6-7.jbcs.el6
redhat/jbcs-httpd24-curl<0:7.64.1-14.jbcs.el6
and 72 more
CVE-2019-9518
Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-st...
redhat/rh-nodejs10<0:3.2-3.el7
redhat/rh-nodejs10-nodejs<0:10.16.3-3.el7
redhat/rh-nodejs8<0:3.0-5.el7
redhat/rh-nodejs8-nodejs<0:8.16.1-2.el7
redhat/envoy<1.11.1
redhat/Nodejs<8.16.1
and 45 more
CVE-2019-9515
Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the ...
redhat/eap7-apache-cxf<0:3.2.10-1.redhat_00001.1.el6ea
redhat/eap7-byte-buddy<0:1.9.11-1.redhat_00002.1.el6ea
redhat/eap7-glassfish-jsf<0:2.3.5-5.SP3_redhat_00003.1.el6ea
redhat/eap7-hal-console<0:3.0.17-2.Final_redhat_00001.1.el6ea
redhat/eap7-hibernate<0:5.3.13-1.Final_redhat_00001.1.el6ea
redhat/eap7-ironjacamar<0:1.4.18-1.Final_redhat_00001.1.el6ea
and 141 more
CVE-2019-9514
A flaw was found in HTTP/2. Using HEADER frames with invalid HTTP headers and queuing of response RST_STREAM frames, an attacker could cause a flood resulting in unbounded memory growth. The highest t...
redhat/go-toolset<1.11-0:1.11.13-1.el7
redhat/go-toolset<1.11-golang-0:1.11.13-2.el7
redhat/containernetworking-plugins<0:0.8.1-4.el7_7
redhat/eap7-apache-cxf<0:3.2.10-1.redhat_00001.1.el6ea
redhat/eap7-byte-buddy<0:1.9.11-1.redhat_00002.1.el6ea
redhat/eap7-glassfish-jsf<0:2.3.5-5.SP3_redhat_00003.1.el6ea
and 221 more
CVE-2019-9513
Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the str...
redhat/jbcs-httpd24-httpd<0:2.4.29-41.jbcs.el6
redhat/jbcs-httpd24-nghttp2<0:1.39.2-1.jbcs.el6
redhat/jbcs-httpd24-apr<0:1.6.3-63.jbcs.el6
redhat/jbcs-httpd24-apr-util<0:1.6.1-48.jbcs.el6
redhat/jbcs-httpd24-brotli<0:1.0.6-7.jbcs.el6
redhat/jbcs-httpd24-curl<0:7.64.1-14.jbcs.el6
and 104 more
CVE-2019-9512
A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to...
go/golang.org/x/net<0.0.0-20190813141303-74dc4d7220e7
redhat/go-toolset<1.11-0:1.11.13-1.el7
redhat/go-toolset<1.11-golang-0:1.11.13-2.el7
redhat/containernetworking-plugins<0:0.8.1-4.el7_7
redhat/eap7-apache-cxf<0:3.2.10-1.redhat_00001.1.el6ea
redhat/eap7-byte-buddy<0:1.9.11-1.redhat_00002.1.el6ea
and 175 more
CVE-2018-4281
In SwiftNIO before 1.8.0, a buffer overflow was addressed with improved size validation.
Apple Swiftnio<1.8.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203