oss-sec mailing list archives
Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations
From: Moritz Muehlenhoff <jmm () inutil org>
Date: Tue, 10 Oct 2023 21:23:06 +0200
On Tue, Oct 10, 2023 at 11:40:06AM -0700, Alan Coopersmith wrote:
Information I've found so far on open source implementations (most via the current listings in the CVE) include:
Apache Trafficserver is also affected: https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q Cheers, Moritz
Current thread:
- CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations Alan Coopersmith (Oct 10)
- Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations Moritz Muehlenhoff (Oct 10)
- Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations Jonathan Wright (Oct 13)
- Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations Steffen Nurpmeso (Oct 13)
- Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations Jonathan Wright (Oct 13)
- Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations Alan Coopersmith (Oct 18)
- Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations Alan Coopersmith (Oct 20)
- Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations Moritz Muehlenhoff (Oct 10)