VDB
GHSA-8r5v-vm4m-4g25
GHSA-8r5v-vm4m-4g25
PUBLISHED
CVSS 8.600000381469727 HIGH
Resource exhaustion vulnerability in h2 may lead to Denial of Service (DoS)
Risk Scores
CVSS 4.0
8.600000381469727
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| crates.io | h2 | 0.4.0, 0, 0 |
Timeline
- Jan 19, 2024 CVE Published
References
- https://github.com/hyperium/h2 product
- https://rustsec.org/advisories/RUSTSEC-2024-0003.html url
- GitHub Advisory GHSA-8r5v-vm4m-4g25 vendor-advisory
- https://github.com/hyperium/h2/pull/737 url
- https://github.com/hyperium/h2/commit/59570e11ccddbec85f67a0c7aa353f7730c68854 url
- https://github.com/hyperium/h2/commit/d919cd6fd8e0f4f5d1f6282fab0b38a1b4bf999c url