Security #6751: http2: evasion by splitting header fields over frames (6.0.x backport) - Suricata - Open Information Security Foundation

Actions

Copy link

Security #6751

closed

Security #5926: http2: evasion by splitting header fields over frames

http2: evasion by splitting header fields over frames (6.0.x backport)

Added by OISF Ticketbot 3 months ago. Updated 2 months ago.

Status:

Closed

Priority:

Normal

Assignee:

Philippe Antoine

Target version:

6.0.16

Affected Versions:

Label:

CVE:

2024-24568

Git IDs:

ffed4b35cb8a0c4db586305239fe615dce0174a8

Severity:

LOW

Disclosure Date:

Actions

Copy link

Updated by Victor Julien 3 months ago

Status changed from Assigned to Resolved

Actions

Copy link

Updated by Victor Julien 3 months ago

CVE set to 2024-24568
Severity changed from MODERATE to LOW

LOW severity as in 6.0.x HTTP2 is considered experimental and disabled by default.

Actions

Copy link

Updated by Philippe Antoine 3 months ago

Status changed from Resolved to Closed
Git IDs updated (diff)

Actions

Copy link

Updated by Victor Julien 2 months ago

Private changed from Yes to No

Actions

Copy link

Updated by Victor Julien 2 months ago

https://github.com/OISF/suricata/security/advisories/GHSA-gv29-5hqw-5h8c

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Security #6751

http2: evasion by splitting header fields over frames (6.0.x backport)

Updated by Victor Julien 3 months ago

Updated by Victor Julien 3 months ago

Updated by Philippe Antoine 3 months ago

Updated by Victor Julien 2 months ago

Updated by Victor Julien 2 months ago