csaf_suse - suse-su-2023:4069-1

suse-su-2023:4069-1

Vulnerability from csaf_suse

Published

2023-10-13 08:10

Modified

2023-10-13 08:10

Summary

Security update for go1.21

Notes

Title of the patch

Security update for go1.21

Description of the patch

This update for go1.21 fixes the following issues: - Update to go1.21.3 (bsc#1212475) - CVE-2023-39325: Fixed a flaw that can lead to a DoS due to a rapid stream resets causing excessive work. This is also known as CVE-2023-44487. (bsc#1216109)

Patchnames

SUSE-2023-4069,SUSE-SLE-Module-Development-Tools-15-SP4-2023-4069,SUSE-SLE-Module-Development-Tools-15-SP5-2023-4069,openSUSE-SLE-15.4-2023-4069,openSUSE-SLE-15.5-2023-4069

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for go1.21",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for go1.21 fixes the following issues:\n\n- Update to go1.21.3 (bsc#1212475)\n- CVE-2023-39325: Fixed a flaw that can lead to a DoS due to a rapid stream resets causing excessive work. This is also known as CVE-2023-44487. (bsc#1216109)\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2023-4069,SUSE-SLE-Module-Development-Tools-15-SP4-2023-4069,SUSE-SLE-Module-Development-Tools-15-SP5-2023-4069,openSUSE-SLE-15.4-2023-4069,openSUSE-SLE-15.5-2023-4069",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_4069-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2023:4069-1",
        "url": "https://www.suse.com/support/update/announcement/2023/suse-su-20234069-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2023:4069-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-October/016680.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1212475",
        "url": "https://bugzilla.suse.com/1212475"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1216109",
        "url": "https://bugzilla.suse.com/1216109"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-39325 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-39325/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-44487 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-44487/"
      }
    ],
    "title": "Security update for go1.21",
    "tracking": {
      "current_release_date": "2023-10-13T08:10:28Z",
      "generator": {
        "date": "2023-10-13T08:10:28Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2023:4069-1",
      "initial_release_date": "2023-10-13T08:10:28Z",
      "revision_history": [
        {
          "date": "2023-10-13T08:10:28Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.21-1.21.3-150000.1.12.1.aarch64",
                "product": {
                  "name": "go1.21-1.21.3-150000.1.12.1.aarch64",
                  "product_id": "go1.21-1.21.3-150000.1.12.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-doc-1.21.3-150000.1.12.1.aarch64",
                "product": {
                  "name": "go1.21-doc-1.21.3-150000.1.12.1.aarch64",
                  "product_id": "go1.21-doc-1.21.3-150000.1.12.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-race-1.21.3-150000.1.12.1.aarch64",
                "product": {
                  "name": "go1.21-race-1.21.3-150000.1.12.1.aarch64",
                  "product_id": "go1.21-race-1.21.3-150000.1.12.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.21-1.21.3-150000.1.12.1.i586",
                "product": {
                  "name": "go1.21-1.21.3-150000.1.12.1.i586",
                  "product_id": "go1.21-1.21.3-150000.1.12.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-doc-1.21.3-150000.1.12.1.i586",
                "product": {
                  "name": "go1.21-doc-1.21.3-150000.1.12.1.i586",
                  "product_id": "go1.21-doc-1.21.3-150000.1.12.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.21-1.21.3-150000.1.12.1.ppc64le",
                "product": {
                  "name": "go1.21-1.21.3-150000.1.12.1.ppc64le",
                  "product_id": "go1.21-1.21.3-150000.1.12.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
                "product": {
                  "name": "go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
                  "product_id": "go1.21-doc-1.21.3-150000.1.12.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-race-1.21.3-150000.1.12.1.ppc64le",
                "product": {
                  "name": "go1.21-race-1.21.3-150000.1.12.1.ppc64le",
                  "product_id": "go1.21-race-1.21.3-150000.1.12.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.21-1.21.3-150000.1.12.1.s390x",
                "product": {
                  "name": "go1.21-1.21.3-150000.1.12.1.s390x",
                  "product_id": "go1.21-1.21.3-150000.1.12.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-doc-1.21.3-150000.1.12.1.s390x",
                "product": {
                  "name": "go1.21-doc-1.21.3-150000.1.12.1.s390x",
                  "product_id": "go1.21-doc-1.21.3-150000.1.12.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-race-1.21.3-150000.1.12.1.s390x",
                "product": {
                  "name": "go1.21-race-1.21.3-150000.1.12.1.s390x",
                  "product_id": "go1.21-race-1.21.3-150000.1.12.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.21-1.21.3-150000.1.12.1.x86_64",
                "product": {
                  "name": "go1.21-1.21.3-150000.1.12.1.x86_64",
                  "product_id": "go1.21-1.21.3-150000.1.12.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-doc-1.21.3-150000.1.12.1.x86_64",
                "product": {
                  "name": "go1.21-doc-1.21.3-150000.1.12.1.x86_64",
                  "product_id": "go1.21-doc-1.21.3-150000.1.12.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-race-1.21.3-150000.1.12.1.x86_64",
                "product": {
                  "name": "go1.21-race-1.21.3-150000.1.12.1.x86_64",
                  "product_id": "go1.21-race-1.21.3-150000.1.12.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
                  "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-development-tools:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
                  "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-development-tools:15:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.4",
                "product": {
                  "name": "openSUSE Leap 15.4",
                  "product_id": "openSUSE Leap 15.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.5",
                "product": {
                  "name": "openSUSE Leap 15.5",
                  "product_id": "openSUSE Leap 15.5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.3-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.aarch64"
        },
        "product_reference": "go1.21-1.21.3-150000.1.12.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.3-150000.1.12.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.ppc64le"
        },
        "product_reference": "go1.21-1.21.3-150000.1.12.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.3-150000.1.12.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.s390x"
        },
        "product_reference": "go1.21-1.21.3-150000.1.12.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.3-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.x86_64"
        },
        "product_reference": "go1.21-1.21.3-150000.1.12.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.3-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.aarch64"
        },
        "product_reference": "go1.21-doc-1.21.3-150000.1.12.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.3-150000.1.12.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.ppc64le"
        },
        "product_reference": "go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.3-150000.1.12.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.s390x"
        },
        "product_reference": "go1.21-doc-1.21.3-150000.1.12.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.3-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.x86_64"
        },
        "product_reference": "go1.21-doc-1.21.3-150000.1.12.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.3-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-race-1.21.3-150000.1.12.1.aarch64"
        },
        "product_reference": "go1.21-race-1.21.3-150000.1.12.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.3-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-race-1.21.3-150000.1.12.1.x86_64"
        },
        "product_reference": "go1.21-race-1.21.3-150000.1.12.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.3-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.aarch64"
        },
        "product_reference": "go1.21-1.21.3-150000.1.12.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.3-150000.1.12.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.ppc64le"
        },
        "product_reference": "go1.21-1.21.3-150000.1.12.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.3-150000.1.12.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.s390x"
        },
        "product_reference": "go1.21-1.21.3-150000.1.12.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.3-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.x86_64"
        },
        "product_reference": "go1.21-1.21.3-150000.1.12.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.3-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.aarch64"
        },
        "product_reference": "go1.21-doc-1.21.3-150000.1.12.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.3-150000.1.12.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.ppc64le"
        },
        "product_reference": "go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.3-150000.1.12.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.s390x"
        },
        "product_reference": "go1.21-doc-1.21.3-150000.1.12.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.3-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.x86_64"
        },
        "product_reference": "go1.21-doc-1.21.3-150000.1.12.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.3-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.aarch64"
        },
        "product_reference": "go1.21-race-1.21.3-150000.1.12.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.3-150000.1.12.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.ppc64le"
        },
        "product_reference": "go1.21-race-1.21.3-150000.1.12.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.3-150000.1.12.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.s390x"
        },
        "product_reference": "go1.21-race-1.21.3-150000.1.12.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.3-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.x86_64"
        },
        "product_reference": "go1.21-race-1.21.3-150000.1.12.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.3-150000.1.12.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.aarch64"
        },
        "product_reference": "go1.21-1.21.3-150000.1.12.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.3-150000.1.12.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.ppc64le"
        },
        "product_reference": "go1.21-1.21.3-150000.1.12.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.3-150000.1.12.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.s390x"
        },
        "product_reference": "go1.21-1.21.3-150000.1.12.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.3-150000.1.12.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.x86_64"
        },
        "product_reference": "go1.21-1.21.3-150000.1.12.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.3-150000.1.12.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.aarch64"
        },
        "product_reference": "go1.21-doc-1.21.3-150000.1.12.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.3-150000.1.12.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.ppc64le"
        },
        "product_reference": "go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.3-150000.1.12.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.s390x"
        },
        "product_reference": "go1.21-doc-1.21.3-150000.1.12.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.3-150000.1.12.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.x86_64"
        },
        "product_reference": "go1.21-doc-1.21.3-150000.1.12.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.3-150000.1.12.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.aarch64"
        },
        "product_reference": "go1.21-race-1.21.3-150000.1.12.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.3-150000.1.12.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.ppc64le"
        },
        "product_reference": "go1.21-race-1.21.3-150000.1.12.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.3-150000.1.12.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.s390x"
        },
        "product_reference": "go1.21-race-1.21.3-150000.1.12.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.3-150000.1.12.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.x86_64"
        },
        "product_reference": "go1.21-race-1.21.3-150000.1.12.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.3-150000.1.12.1.aarch64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.aarch64"
        },
        "product_reference": "go1.21-1.21.3-150000.1.12.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.3-150000.1.12.1.ppc64le as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.ppc64le"
        },
        "product_reference": "go1.21-1.21.3-150000.1.12.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.3-150000.1.12.1.s390x as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.s390x"
        },
        "product_reference": "go1.21-1.21.3-150000.1.12.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.3-150000.1.12.1.x86_64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.x86_64"
        },
        "product_reference": "go1.21-1.21.3-150000.1.12.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.3-150000.1.12.1.aarch64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.aarch64"
        },
        "product_reference": "go1.21-doc-1.21.3-150000.1.12.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.3-150000.1.12.1.ppc64le as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.ppc64le"
        },
        "product_reference": "go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.3-150000.1.12.1.s390x as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.s390x"
        },
        "product_reference": "go1.21-doc-1.21.3-150000.1.12.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.3-150000.1.12.1.x86_64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.x86_64"
        },
        "product_reference": "go1.21-doc-1.21.3-150000.1.12.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.3-150000.1.12.1.aarch64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.aarch64"
        },
        "product_reference": "go1.21-race-1.21.3-150000.1.12.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.3-150000.1.12.1.ppc64le as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.ppc64le"
        },
        "product_reference": "go1.21-race-1.21.3-150000.1.12.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.3-150000.1.12.1.s390x as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.s390x"
        },
        "product_reference": "go1.21-race-1.21.3-150000.1.12.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.3-150000.1.12.1.x86_64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.x86_64"
        },
        "product_reference": "go1.21-race-1.21.3-150000.1.12.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-39325",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-39325"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-race-1.21.3-150000.1.12.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-race-1.21.3-150000.1.12.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.x86_64",
          "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.aarch64",
          "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.ppc64le",
          "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.s390x",
          "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.x86_64",
          "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.aarch64",
          "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
          "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.s390x",
          "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.x86_64",
          "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.aarch64",
          "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.ppc64le",
          "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.s390x",
          "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.x86_64",
          "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.aarch64",
          "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.s390x",
          "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.x86_64",
          "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.aarch64",
          "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.s390x",
          "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.x86_64",
          "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.aarch64",
          "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.s390x",
          "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-39325",
          "url": "https://www.suse.com/security/cve/CVE-2023-39325"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1216109 for CVE-2023-39325",
          "url": "https://bugzilla.suse.com/1216109"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1230323 for CVE-2023-39325",
          "url": "https://bugzilla.suse.com/1230323"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-race-1.21.3-150000.1.12.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-race-1.21.3-150000.1.12.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.x86_64",
            "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.aarch64",
            "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.ppc64le",
            "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.s390x",
            "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.x86_64",
            "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.aarch64",
            "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
            "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.s390x",
            "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.x86_64",
            "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.aarch64",
            "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.ppc64le",
            "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.s390x",
            "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.x86_64",
            "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.aarch64",
            "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.s390x",
            "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.x86_64",
            "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.aarch64",
            "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.s390x",
            "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.x86_64",
            "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.aarch64",
            "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.s390x",
            "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-race-1.21.3-150000.1.12.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-race-1.21.3-150000.1.12.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.x86_64",
            "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.aarch64",
            "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.ppc64le",
            "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.s390x",
            "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.x86_64",
            "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.aarch64",
            "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
            "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.s390x",
            "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.x86_64",
            "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.aarch64",
            "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.ppc64le",
            "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.s390x",
            "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.x86_64",
            "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.aarch64",
            "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.s390x",
            "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.x86_64",
            "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.aarch64",
            "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.s390x",
            "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.x86_64",
            "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.aarch64",
            "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.s390x",
            "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-10-13T08:10:28Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-39325"
    },
    {
      "cve": "CVE-2023-44487",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-44487"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-race-1.21.3-150000.1.12.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-race-1.21.3-150000.1.12.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.x86_64",
          "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.aarch64",
          "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.ppc64le",
          "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.s390x",
          "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.x86_64",
          "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.aarch64",
          "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
          "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.s390x",
          "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.x86_64",
          "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.aarch64",
          "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.ppc64le",
          "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.s390x",
          "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.x86_64",
          "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.aarch64",
          "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.s390x",
          "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.x86_64",
          "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.aarch64",
          "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.s390x",
          "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.x86_64",
          "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.aarch64",
          "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.s390x",
          "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-44487",
          "url": "https://www.suse.com/security/cve/CVE-2023-44487"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1216109 for CVE-2023-44487",
          "url": "https://bugzilla.suse.com/1216109"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1216123 for CVE-2023-44487",
          "url": "https://bugzilla.suse.com/1216123"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1216169 for CVE-2023-44487",
          "url": "https://bugzilla.suse.com/1216169"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1216171 for CVE-2023-44487",
          "url": "https://bugzilla.suse.com/1216171"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1216174 for CVE-2023-44487",
          "url": "https://bugzilla.suse.com/1216174"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1216176 for CVE-2023-44487",
          "url": "https://bugzilla.suse.com/1216176"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1216181 for CVE-2023-44487",
          "url": "https://bugzilla.suse.com/1216181"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1216182 for CVE-2023-44487",
          "url": "https://bugzilla.suse.com/1216182"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1216190 for CVE-2023-44487",
          "url": "https://bugzilla.suse.com/1216190"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-race-1.21.3-150000.1.12.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-race-1.21.3-150000.1.12.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.x86_64",
            "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.aarch64",
            "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.ppc64le",
            "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.s390x",
            "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.x86_64",
            "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.aarch64",
            "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
            "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.s390x",
            "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.x86_64",
            "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.aarch64",
            "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.ppc64le",
            "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.s390x",
            "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.x86_64",
            "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.aarch64",
            "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.s390x",
            "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.x86_64",
            "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.aarch64",
            "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.s390x",
            "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.x86_64",
            "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.aarch64",
            "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.s390x",
            "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.3-150000.1.12.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.3-150000.1.12.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-race-1.21.3-150000.1.12.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-race-1.21.3-150000.1.12.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.3-150000.1.12.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.3-150000.1.12.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.3-150000.1.12.1.x86_64",
            "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.aarch64",
            "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.ppc64le",
            "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.s390x",
            "openSUSE Leap 15.4:go1.21-1.21.3-150000.1.12.1.x86_64",
            "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.aarch64",
            "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
            "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.s390x",
            "openSUSE Leap 15.4:go1.21-doc-1.21.3-150000.1.12.1.x86_64",
            "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.aarch64",
            "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.ppc64le",
            "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.s390x",
            "openSUSE Leap 15.4:go1.21-race-1.21.3-150000.1.12.1.x86_64",
            "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.aarch64",
            "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.s390x",
            "openSUSE Leap 15.5:go1.21-1.21.3-150000.1.12.1.x86_64",
            "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.aarch64",
            "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.s390x",
            "openSUSE Leap 15.5:go1.21-doc-1.21.3-150000.1.12.1.x86_64",
            "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.aarch64",
            "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.s390x",
            "openSUSE Leap 15.5:go1.21-race-1.21.3-150000.1.12.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-10-13T08:10:28Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-44487"
    }
  ]
}

CVE-2023-44487 (GCVE-0-2023-44487)

Vulnerability from cvelistv5

Published

2023-10-10 00:00

Modified

2025-07-30 01:37

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

Summary

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

References

►

URL

Tags

	https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73
	https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
	https://aws.amazon.com/security/security-bulletins/AWS-2023-011/
	https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack
	https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/
	https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/
	https://news.ycombinator.com/item?id=37831062
	https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/
	https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack
	https://github.com/envoyproxy/envoy/pull/30055
	https://github.com/haproxy/haproxy/issues/2312
	https://github.com/eclipse/jetty.project/issues/10679
	https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764
	https://github.com/nghttp2/nghttp2/pull/1961
	https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61
	https://github.com/alibaba/tengine/issues/1872
	https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2
	https://news.ycombinator.com/item?id=37830987
	https://news.ycombinator.com/item?id=37830998
	https://github.com/caddyserver/caddy/issues/5877
	https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/
	https://github.com/bcdannyboy/CVE-2023-44487
	https://github.com/grpc/grpc-go/pull/6703
	https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244
	https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0
	https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html
	https://my.f5.com/manage/s/article/K000137106
	https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/
	https://bugzilla.proxmox.com/show_bug.cgi?id=4988
	https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9
	http://www.openwall.com/lists/oss-security/2023/10/10/7	mailing-list
	http://www.openwall.com/lists/oss-security/2023/10/10/6	mailing-list
	https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected
	https://github.com/microsoft/CBL-Mariner/pull/6381
	https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo
	https://github.com/facebook/proxygen/pull/466
	https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088
	https://github.com/micrictor/http2-rst-stream
	https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve
	https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/
	https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf
	https://github.com/h2o/h2o/pull/3291
	https://github.com/nodejs/node/pull/50121
	https://github.com/dotnet/announcements/issues/277
	https://github.com/golang/go/issues/63417
	https://github.com/advisories/GHSA-vx74-f528-fxqg
	https://github.com/apache/trafficserver/pull/10564
	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487
	https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14
	https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q
	https://www.openwall.com/lists/oss-security/2023/10/10/6
	https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487
	https://github.com/opensearch-project/data-prepper/issues/3474
	https://github.com/kubernetes/kubernetes/pull/121120
	https://github.com/oqtane/oqtane.framework/discussions/3367
	https://github.com/advisories/GHSA-xpw8-rcwv-8f8p
	https://netty.io/news/2023/10/10/4-1-100-Final.html
	https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487
	https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
	https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack
	https://news.ycombinator.com/item?id=37837043
	https://github.com/kazu-yamamoto/http2/issues/93
	https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html
	https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1
	https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113
	https://www.debian.org/security/2023/dsa-5522	vendor-advisory
	https://www.debian.org/security/2023/dsa-5521	vendor-advisory
	https://access.redhat.com/security/cve/cve-2023-44487
	https://github.com/ninenines/cowboy/issues/1615
	https://github.com/varnishcache/varnish-cache/issues/3996
	https://github.com/tempesta-tech/tempesta/issues/1986
	https://blog.vespa.ai/cve-2023-44487/
	https://github.com/etcd-io/etcd/issues/16740
	https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event
	https://istio.io/latest/news/security/istio-security-2023-004/
	https://github.com/junkurihara/rust-rpxy/issues/97
	https://bugzilla.suse.com/show_bug.cgi?id=1216123
	https://bugzilla.redhat.com/show_bug.cgi?id=2242803
	https://ubuntu.com/security/CVE-2023-44487
	https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125
	https://github.com/advisories/GHSA-qppj-fm5r-hxr3
	https://github.com/apache/httpd-site/pull/10
	https://github.com/projectcontour/contour/pull/5826
	https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632
	https://github.com/line/armeria/pull/5232
	https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/
	https://security.paloaltonetworks.com/CVE-2023-44487
	https://github.com/akka/akka-http/issues/4323
	https://github.com/openresty/openresty/issues/930
	https://github.com/apache/apisix/issues/10320
	https://github.com/Azure/AKS/issues/3947
	https://github.com/Kong/kong/discussions/11741
	https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487
	https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/
	https://github.com/caddyserver/caddy/releases/tag/v2.7.5
	https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html	mailing-list
	http://www.openwall.com/lists/oss-security/2023/10/13/4	mailing-list
	http://www.openwall.com/lists/oss-security/2023/10/13/9	mailing-list
	https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/
	https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/	vendor-advisory
	https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/
	https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html	mailing-list
	https://security.netapp.com/advisory/ntap-20231016-0001/
	https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html	mailing-list
	http://www.openwall.com/lists/oss-security/2023/10/18/4	mailing-list
	http://www.openwall.com/lists/oss-security/2023/10/18/8	mailing-list
	http://www.openwall.com/lists/oss-security/2023/10/19/6	mailing-list
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/	vendor-advisory
	http://www.openwall.com/lists/oss-security/2023/10/20/8	mailing-list
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html	mailing-list
	https://www.debian.org/security/2023/dsa-5540	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html	mailing-list
	https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html	mailing-list
	https://www.debian.org/security/2023/dsa-5549	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/	vendor-advisory
	https://www.debian.org/security/2023/dsa-5558	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html	mailing-list
	https://security.gentoo.org/glsa/202311-09	vendor-advisory
	https://www.debian.org/security/2023/dsa-5570	vendor-advisory
	https://security.netapp.com/advisory/ntap-20240426-0007/
	https://security.netapp.com/advisory/ntap-20240621-0006/
	https://security.netapp.com/advisory/ntap-20240621-0007/
	https://github.com/grpc/grpc/releases/tag/v1.59.2
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "http",
            "vendor": "ietf",
            "versions": [
              {
                "status": "affected",
                "version": "2.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-44487",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-23T20:34:21.334116Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2023-10-10",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-400",
                "description": "CWE-400 Uncontrolled Resource Consumption",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:37:14.917Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2023-10-10T00:00:00+00:00",
            "value": "CVE-2023-44487 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-19T07:48:04.546Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://news.ycombinator.com/item?id=37831062"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/envoyproxy/envoy/pull/30055"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/haproxy/haproxy/issues/2312"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/eclipse/jetty.project/issues/10679"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/nghttp2/nghttp2/pull/1961"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/alibaba/tengine/issues/1872"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://news.ycombinator.com/item?id=37830987"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://news.ycombinator.com/item?id=37830998"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/caddyserver/caddy/issues/5877"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/bcdannyboy/CVE-2023-44487"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/grpc/grpc-go/pull/6703"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://my.f5.com/manage/s/article/K000137106"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/microsoft/CBL-Mariner/pull/6381"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/facebook/proxygen/pull/466"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/micrictor/http2-rst-stream"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/h2o/h2o/pull/3291"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/nodejs/node/pull/50121"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/dotnet/announcements/issues/277"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/golang/go/issues/63417"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/advisories/GHSA-vx74-f528-fxqg"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/apache/trafficserver/pull/10564"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/opensearch-project/data-prepper/issues/3474"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/kubernetes/kubernetes/pull/121120"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://netty.io/news/2023/10/10/4-1-100-Final.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://news.ycombinator.com/item?id=37837043"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/kazu-yamamoto/http2/issues/93"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"
          },
          {
            "name": "DSA-5522",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5522"
          },
          {
            "name": "DSA-5521",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5521"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/cve-2023-44487"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ninenines/cowboy/issues/1615"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/varnishcache/varnish-cache/issues/3996"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/tempesta-tech/tempesta/issues/1986"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://blog.vespa.ai/cve-2023-44487/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/etcd-io/etcd/issues/16740"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://istio.io/latest/news/security/istio-security-2023-004/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/junkurihara/rust-rpxy/issues/97"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/CVE-2023-44487"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/apache/httpd-site/pull/10"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/projectcontour/contour/pull/5826"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/line/armeria/pull/5232"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2023-44487"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/akka/akka-http/issues/4323"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/openresty/openresty/issues/930"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/apache/apisix/issues/10320"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/Azure/AKS/issues/3947"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/Kong/kong/discussions/11741"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
          },
          {
            "name": "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
          },
          {
            "name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
          },
          {
            "name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"
          },
          {
            "name": "FEDORA-2023-ed2642fd58",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
          },
          {
            "name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
          },
          {
            "name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
          },
          {
            "name": "[oss-security] 20231018 Vulnerability in Jenkins",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
          },
          {
            "name": "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
          },
          {
            "name": "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
          },
          {
            "name": "FEDORA-2023-54fadada12",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"
          },
          {
            "name": "FEDORA-2023-5ff7bf1dd8",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"
          },
          {
            "name": "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
          },
          {
            "name": "FEDORA-2023-17efd3f2cd",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"
          },
          {
            "name": "FEDORA-2023-d5030c983c",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
          },
          {
            "name": "FEDORA-2023-0259c3f26f",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"
          },
          {
            "name": "FEDORA-2023-2a9214af5f",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"
          },
          {
            "name": "FEDORA-2023-e9c04d81c1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
          },
          {
            "name": "FEDORA-2023-f66fc0f62a",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
          },
          {
            "name": "FEDORA-2023-4d2fd884ea",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
          },
          {
            "name": "FEDORA-2023-b2c50535cb",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"
          },
          {
            "name": "FEDORA-2023-fe53e13b5b",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
          },
          {
            "name": "FEDORA-2023-4bf641255e",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
          },
          {
            "name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
          },
          {
            "name": "DSA-5540",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5540"
          },
          {
            "name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
          },
          {
            "name": "FEDORA-2023-1caffb88af",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"
          },
          {
            "name": "FEDORA-2023-3f70b8d406",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"
          },
          {
            "name": "FEDORA-2023-7b52921cae",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
          },
          {
            "name": "FEDORA-2023-7934802344",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"
          },
          {
            "name": "FEDORA-2023-dbe64661af",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
          },
          {
            "name": "FEDORA-2023-822aab0a5a",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
          },
          {
            "name": "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
          },
          {
            "name": "DSA-5549",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5549"
          },
          {
            "name": "FEDORA-2023-c0c6a91330",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"
          },
          {
            "name": "FEDORA-2023-492b7be466",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"
          },
          {
            "name": "DSA-5558",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5558"
          },
          {
            "name": "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
          },
          {
            "name": "GLSA-202311-09",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202311-09"
          },
          {
            "name": "DSA-5570",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5570"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
          },
          {
            "url": "https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-07T20:05:34.376Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"
        },
        {
          "url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
        },
        {
          "url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"
        },
        {
          "url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
        },
        {
          "url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
        },
        {
          "url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
        },
        {
          "url": "https://news.ycombinator.com/item?id=37831062"
        },
        {
          "url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
        },
        {
          "url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"
        },
        {
          "url": "https://github.com/envoyproxy/envoy/pull/30055"
        },
        {
          "url": "https://github.com/haproxy/haproxy/issues/2312"
        },
        {
          "url": "https://github.com/eclipse/jetty.project/issues/10679"
        },
        {
          "url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
        },
        {
          "url": "https://github.com/nghttp2/nghttp2/pull/1961"
        },
        {
          "url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
        },
        {
          "url": "https://github.com/alibaba/tengine/issues/1872"
        },
        {
          "url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
        },
        {
          "url": "https://news.ycombinator.com/item?id=37830987"
        },
        {
          "url": "https://news.ycombinator.com/item?id=37830998"
        },
        {
          "url": "https://github.com/caddyserver/caddy/issues/5877"
        },
        {
          "url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
        },
        {
          "url": "https://github.com/bcdannyboy/CVE-2023-44487"
        },
        {
          "url": "https://github.com/grpc/grpc-go/pull/6703"
        },
        {
          "url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"
        },
        {
          "url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
        },
        {
          "url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"
        },
        {
          "url": "https://my.f5.com/manage/s/article/K000137106"
        },
        {
          "url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
        },
        {
          "url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
        },
        {
          "url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
        },
        {
          "name": "[oss-security] 20231010 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/10/10/7"
        },
        {
          "name": "[oss-security] 20231010 CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/10/10/6"
        },
        {
          "url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
        },
        {
          "url": "https://github.com/microsoft/CBL-Mariner/pull/6381"
        },
        {
          "url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"
        },
        {
          "url": "https://github.com/facebook/proxygen/pull/466"
        },
        {
          "url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
        },
        {
          "url": "https://github.com/micrictor/http2-rst-stream"
        },
        {
          "url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
        },
        {
          "url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
        },
        {
          "url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"
        },
        {
          "url": "https://github.com/h2o/h2o/pull/3291"
        },
        {
          "url": "https://github.com/nodejs/node/pull/50121"
        },
        {
          "url": "https://github.com/dotnet/announcements/issues/277"
        },
        {
          "url": "https://github.com/golang/go/issues/63417"
        },
        {
          "url": "https://github.com/advisories/GHSA-vx74-f528-fxqg"
        },
        {
          "url": "https://github.com/apache/trafficserver/pull/10564"
        },
        {
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"
        },
        {
          "url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"
        },
        {
          "url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
        },
        {
          "url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
        },
        {
          "url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
        },
        {
          "url": "https://github.com/opensearch-project/data-prepper/issues/3474"
        },
        {
          "url": "https://github.com/kubernetes/kubernetes/pull/121120"
        },
        {
          "url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
        },
        {
          "url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"
        },
        {
          "url": "https://netty.io/news/2023/10/10/4-1-100-Final.html"
        },
        {
          "url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
        },
        {
          "url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
        },
        {
          "url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
        },
        {
          "url": "https://news.ycombinator.com/item?id=37837043"
        },
        {
          "url": "https://github.com/kazu-yamamoto/http2/issues/93"
        },
        {
          "url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
        },
        {
          "url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
        },
        {
          "url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"
        },
        {
          "name": "DSA-5522",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5522"
        },
        {
          "name": "DSA-5521",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5521"
        },
        {
          "url": "https://access.redhat.com/security/cve/cve-2023-44487"
        },
        {
          "url": "https://github.com/ninenines/cowboy/issues/1615"
        },
        {
          "url": "https://github.com/varnishcache/varnish-cache/issues/3996"
        },
        {
          "url": "https://github.com/tempesta-tech/tempesta/issues/1986"
        },
        {
          "url": "https://blog.vespa.ai/cve-2023-44487/"
        },
        {
          "url": "https://github.com/etcd-io/etcd/issues/16740"
        },
        {
          "url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
        },
        {
          "url": "https://istio.io/latest/news/security/istio-security-2023-004/"
        },
        {
          "url": "https://github.com/junkurihara/rust-rpxy/issues/97"
        },
        {
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
        },
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
        },
        {
          "url": "https://ubuntu.com/security/CVE-2023-44487"
        },
        {
          "url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
        },
        {
          "url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3"
        },
        {
          "url": "https://github.com/apache/httpd-site/pull/10"
        },
        {
          "url": "https://github.com/projectcontour/contour/pull/5826"
        },
        {
          "url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
        },
        {
          "url": "https://github.com/line/armeria/pull/5232"
        },
        {
          "url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
        },
        {
          "url": "https://security.paloaltonetworks.com/CVE-2023-44487"
        },
        {
          "url": "https://github.com/akka/akka-http/issues/4323"
        },
        {
          "url": "https://github.com/openresty/openresty/issues/930"
        },
        {
          "url": "https://github.com/apache/apisix/issues/10320"
        },
        {
          "url": "https://github.com/Azure/AKS/issues/3947"
        },
        {
          "url": "https://github.com/Kong/kong/discussions/11741"
        },
        {
          "url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"
        },
        {
          "url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
        },
        {
          "url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
        },
        {
          "name": "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
        },
        {
          "name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
        },
        {
          "name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
        },
        {
          "url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
        },
        {
          "url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"
        },
        {
          "name": "FEDORA-2023-ed2642fd58",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"
        },
        {
          "url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
        },
        {
          "name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
        },
        {
          "name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
        },
        {
          "name": "[oss-security] 20231018 Vulnerability in Jenkins",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
        },
        {
          "name": "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
        },
        {
          "name": "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
        },
        {
          "name": "FEDORA-2023-54fadada12",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"
        },
        {
          "name": "FEDORA-2023-5ff7bf1dd8",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"
        },
        {
          "name": "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
        },
        {
          "name": "FEDORA-2023-17efd3f2cd",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"
        },
        {
          "name": "FEDORA-2023-d5030c983c",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
        },
        {
          "name": "FEDORA-2023-0259c3f26f",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"
        },
        {
          "name": "FEDORA-2023-2a9214af5f",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"
        },
        {
          "name": "FEDORA-2023-e9c04d81c1",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
        },
        {
          "name": "FEDORA-2023-f66fc0f62a",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
        },
        {
          "name": "FEDORA-2023-4d2fd884ea",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
        },
        {
          "name": "FEDORA-2023-b2c50535cb",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"
        },
        {
          "name": "FEDORA-2023-fe53e13b5b",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
        },
        {
          "name": "FEDORA-2023-4bf641255e",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
        },
        {
          "name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
        },
        {
          "name": "DSA-5540",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5540"
        },
        {
          "name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
        },
        {
          "url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
        },
        {
          "name": "FEDORA-2023-1caffb88af",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"
        },
        {
          "name": "FEDORA-2023-3f70b8d406",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"
        },
        {
          "name": "FEDORA-2023-7b52921cae",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
        },
        {
          "name": "FEDORA-2023-7934802344",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"
        },
        {
          "name": "FEDORA-2023-dbe64661af",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
        },
        {
          "name": "FEDORA-2023-822aab0a5a",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
        },
        {
          "name": "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
        },
        {
          "name": "DSA-5549",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5549"
        },
        {
          "name": "FEDORA-2023-c0c6a91330",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"
        },
        {
          "name": "FEDORA-2023-492b7be466",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"
        },
        {
          "name": "DSA-5558",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5558"
        },
        {
          "name": "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
        },
        {
          "name": "GLSA-202311-09",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202311-09"
        },
        {
          "name": "DSA-5570",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5570"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
        },
        {
          "url": "https://github.com/grpc/grpc/releases/tag/v1.59.2"
        },
        {
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-44487",
    "datePublished": "2023-10-10T00:00:00.000Z",
    "dateReserved": "2023-09-29T00:00:00.000Z",
    "dateUpdated": "2025-07-30T01:37:14.917Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-39325 (GCVE-0-2023-39325)

Vulnerability from cvelistv5

Published

2023-10-11 21:15

Modified

2025-02-13 17:02

Severity ?

CWE

CWE-400: Uncontrolled Resource Consumption

Summary

A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function.

References

►

URL

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

suse-su-2023:4069-1

Vulnerability from csaf_suse

CVE-2023-44487 (GCVE-0-2023-44487)

Vulnerability from cvelistv5

CVE-2023-39325 (GCVE-0-2023-39325)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature