Risk Scores
CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | node-min | 0, 19.0.0, 0 |
Timeline
- Dec 16, 2024 CVE Published
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Distribution Patch
- May 13, 2026 CVE Updated
References
- http://www.openwall.com/lists/oss-security/2023/10/13/4 url
- http://www.openwall.com/lists/oss-security/2023/10/13/9 url
- http://www.openwall.com/lists/oss-security/2023/10/18/4 url
- http://www.openwall.com/lists/oss-security/2023/10/18/8 url
- http://www.openwall.com/lists/oss-security/2023/10/19/6 url
- http://www.openwall.com/lists/oss-security/2023/10/20/8 url
- https://access.redhat.com/security/cve/cve-2023-44487 url
- https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ url
- https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ url
- https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ url
- https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ url
- https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ url
- https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack url
- https://blog.vespa.ai/cve-2023-44487/ url
- https://bugzilla.proxmox.com/show_bug.cgi?id=4988 url
- https://bugzilla.redhat.com/show_bug.cgi?id=2242803 url
- https://bugzilla.suse.com/show_bug.cgi?id=1216123 url
- https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 url
- https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ url
- https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack url
…and 159 more