search menu icon-carat-right cmu-wordmark

CERT Coordination Center

HTTP/2 CONTINUATION frames can be utilized for DoS attacks

Vulnerability Note VU#421644

Original Release Date: 2024-04-03 | Last Revised: 2024-07-19

Overview

HTTP allows messages to include named fields in both header and trailer sections. These header and trailer fields are serialised as field blocks in HTTP/2, so that they can be transmitted in multiple fragments to the target implementation. Many HTTP/2 implementations do not properly limit or sanitize the amount of CONTINUATION frames sent within a single stream. An attacker that can send packets to a target server can send a stream of CONTINUATION frames that will not be appended to the header list in memory but will still be processed and decoded by the server or will be appended to the header list, causing an out of memory (OOM) crash.

Description

HTTP/2 utilizes header fields within HTTP request and response messages. Header fields can comprise header lists, which in turn are broken into header blocks. These header blocks are transmitted in multiple fragments to the target implementation. HTTP/2 CONTINUATION frames are used to continue a sequence of field block fragments. They are utilized in order to split header blocks across multiple frames. The other two types of header block fragments are HEADERS or PUSH_PROMISE. CONTINUATION frames can be utilized to continue a header block fragment that could not be transmitted by the HEADERS or PUSH_PROMISE frames. A header block is considered completed when the server receives a set END_HEADERS flag. This is intended to denote that there are no further CONTINUATION, HEADERS, or PUSH_PROMISE frames. A vulnerability has been discovered within multiple implementations that does not limit the amount of CONTINUATION frames that can be sent within a single stream.

The implementation will continue to receive frames as long as the END_HEADERS flag is not set during these communications. An attacker can initialize a connection to a server with typical HTTP/2 frames and then receive initial frames from the server. The attacker can then begin an HTTP request with no set END_HEADERS flags. This can allow an attacker to send a stream of CONTINUATION frames to the target server, which can result in an out-of-memory crash, enabling an attacker to launch a denial of service (DoS) attack against a target server using a vulnerable implementation.

Additionally, an attacker can send HPACK Huffman encoded CONTINUATION frames to a target implementation. This can cause CPU resource exhaustion and result in a DoS as the the CPU must decode every encoded frame that it receives.

Below are several CVE listings to reflect the vulnerability within different implementations.

CVE-2024-27983

An attacker can make the Node.js HTTP/2 server unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in nghttp2 memory after reset when headers with HTTP/2 CONTINUATION frame are sent to the server and then a TCP connection is abruptly closed by the client triggering the Http2Session destructor while header frames are still being processed (and stored in memory) causing a race condition.

CVE-2024-27919

Envoy's oghttp codec does not reset a request when header map limits have been exceeded. This allows an attacker to send an sequence of CONTINUATION frames without the END_HEADERS bit set causing unlimited memory consumption.

CVE-2024-2758

Tempesta FW rate limits are not enabled by default. They are either set too large to capture empty CONTINUATION frames attacks or too small to handle normal HTTP requests appropriately.

CVE-2024-2653

amphp/http will collect HTTP/2 CONTINUATION frames in an unbounded buffer and will not check the header size limit until it has received the END_HEADERS flag, resulting in an OOM crash. amphp/http-client and amphp/http-server are indirectly affected if they're used with an unpatched version of amphp/http. Early versions of amphp/http-client with HTTP/2 support (v4.0.0-rc10 to 4.0.0) are also directly affected.

CVE-2023-45288

The Go packages net/http and net/http2 packages do not limit the number of CONTINUATION frames read for an HTTP/2 request, which permits an attacker to provide an arbitrarily large set of headers for a single request, that will be read, decoded, and subsequently discarded, which may result in excessive CPU consumption.

CVE-2024-28182

An implementation using the nghttp2 library will continue to receive CONTINUATION frames, and will not callback to the application to allow visibility into this information before it resets the stream, resulting in a DoS.

CVE-2024-27316

HTTP/2 CONTINUATION frames without the END_HEADERS flag set can be sent in a continuous stream by an attacker to an Apache Httpd implementation, which will not properly terminate the request early.

CVE-2024-31309

HTTP/2 CONTINUATION DoS attack can cause Apache Traffic Server to consume more resources on the server. Version from 8.0.0 through 8.1.9, from 9.0.0 through 9.2.3 are affected.

CVE-2024-30255

HTTP/2 protocol stack in Envoy versions 1.29.2 or earlier are vulnerable to CPU exhaustion due to flood of CONTINUATION frames. Envoys HTTP/2 codec allows the client to send an unlimited number of CONTINUATION frames even after exceeding Envoys header map limits. This allows an attacker to send a sequence of CONTINUATION frames without the END_HEADERS bit set causing CPU utilization, consuming approximately 1 core per 300Mbit/s of traffic.

Impact

Successful exploitation of this vulnerability can allow an attacker the capability to launch DoS attacks against servers utilizing vulnerable implementations.

Solution

Different HTTP/2 implementations may have separate, unique vulnerabilities specific to that implementation. It is important to note that it may be difficult to analyze incoming malicious traffic exploiting this vulnerability as the HTTP request is not properly completed. Analysis of raw HTTP traffic may be necessary to determine an attack utilizing this vulnerability.

Acknowledgements

Thank you to Bartek Nowotarski for reporting the vulnerability. This document was written by Christopher Cullen.

Vendor Information

421644
 

AMPHP Affected

Notified:  2024-03-07 Updated: 2024-04-03

Statement Date:   April 02, 2024

CVE-2023-45288 Not Affected
CVE-2024-2653 Affected
CVE-2024-27268 Unknown
CVE-2024-27316 Not Affected
CVE-2024-2758 Not Affected
CVE-2024-27919 Not Affected
CVE-2024-27983 Not Affected
CVE-2024-28182 Not Affected
CVE-2024-30255 Not Affected
CVE-2024-31309 Not Affected

Vendor Statement

amphp/http will collect HTTP/2 CONTINUATION frames in an unbounded buffer and will not check the header size limit until it has received the END_HEADERS flag, resulting in an OOM crash. amphp/http-client and amphp/http-server are indirectly affected if they're used with an unpatched version of amphp/http. Early versions of amphp/http-client with HTTP/2 support (v4.0.0-rc10 to 4.0.0) are also directly affected.

References

Apache HTTP Server Project Affected

Notified:  2024-02-19 Updated: 2024-04-03

Statement Date:   April 03, 2024

CVE-2023-45288 Not Affected
CVE-2024-2653 Not Affected
CVE-2024-27268 Unknown
CVE-2024-27316 Affected
CVE-2024-2758 Not Affected
CVE-2024-27919 Not Affected
CVE-2024-27983 Not Affected
CVE-2024-28182 Not Affected
CVE-2024-30255 Not Affected
CVE-2024-31309 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Arista Networks Affected

Notified:  2024-03-06 Updated: 2024-04-03

Statement Date:   April 03, 2024

CVE-2023-45288 Affected
CVE-2024-2653 Not Affected
CVE-2024-27268 Unknown
CVE-2024-27316 Not Affected
CVE-2024-2758 Not Affected
CVE-2024-27919 Not Affected
CVE-2024-27983 Not Affected
CVE-2024-28182 Affected
CVE-2024-30255 Not Affected
CVE-2024-31309 Not Affected

Vendor Statement

Arista Networks has products affected by these vulnerabilities. Complete details on affected products and impact can be found at: https://www.arista.com/en/support/advisories-notices/security-advisory/19221-security-advisory-0094

Cisco Affected

Notified:  2024-02-28 Updated: 2024-04-15

Statement Date:   April 15, 2024

CVE-2023-45288 Affected
References:
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Not Affected
Vendor Statement:
No Cisco products are known to run Temesta FW.
References:
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Affected
References:
CVE-2024-30255 Unknown
Vendor Statement:
Cisco will update Cisco Vulnerability Repository with any impact.
References:
CVE-2024-31309 Unknown

Vendor Statement

Cisco has a list of products that leverage HTTP/2 bugs have been opened for investigation now this is public. Cisco will communicate these vulnerabilities status via CVR (https://sec.cloudapps.cisco.com/security/center/cvr).

Fastly Affected

Notified:  2024-02-19 Updated: 2024-04-08

Statement Date:   April 05, 2024

CVE-2023-45288 Affected
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Not Affected
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Go Programming Language Affected

Notified:  2024-02-14 Updated: 2024-04-03

Statement Date:   March 18, 2024

CVE-2023-45288 Affected
CVE-2024-2653 Not Affected
CVE-2024-27268 Unknown
CVE-2024-27316 Not Affected
CVE-2024-2758 Not Affected
CVE-2024-27919 Not Affected
CVE-2024-27983 Unknown
CVE-2024-28182 Not Affected
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

The Go packages net/http and golang.org/x/net/http2 packages set a configurable limit on the size of headers for a request. They do not, however, limit the number of CONTINUATION frames read for an HTTP/2 request. This permits an attacker to provide an arbitrarily large set of headers for a single request, which will be read, decoded, and subsequently discarded. This attack vector does not permit an attacker to cause memory exhaustion, since excessive headers will be discarded. It may permit an attacker to cause excessive CPU consumption.

We intend to release a fix for this vulnerability when the release embargo ends.

Red Hat Affected

Notified:  2024-03-06 Updated: 2024-05-06

Statement Date:   May 04, 2024

CVE-2023-45288 Affected
CVE-2024-2653 Affected
CVE-2024-27268 Not Affected
CVE-2024-27316 Affected
CVE-2024-2758 Not Affected
CVE-2024-27919 Not Affected
CVE-2024-27983 Affected
CVE-2024-28182 Affected
CVE-2024-30255 Affected
CVE-2024-31309 Affected

Vendor Statement

We have not received a statement from the vendor.

SUSE Linux Affected

Notified:  2024-03-14 Updated: 2024-04-03

Statement Date:   April 02, 2024

CVE-2023-45288 Affected
Vendor Statement:
SUSE distributions contain affected packages and we will ship updated go compilers and rebuilt go packages when available.
CVE-2024-2653 Not Affected
Vendor Statement:
SUSE does not provide AMPHP.
CVE-2024-27268 Unknown
CVE-2024-27316 Affected
Vendor Statement:
SUSE ships affected apache2 packages and will released fixed packages.
CVE-2024-2758 Not Affected
Vendor Statement:
SUSE does not ship tempesta fw
CVE-2024-27919 Not Affected
Vendor Statement:
SUSE previously shipped envoy in now EOL products. SUSE Rancher will also be researched if it ships envoy proxy.
CVE-2024-27983 Affected
Vendor Statement:
SUSE is affected and will provided fixed nodejs packages as online updates.
CVE-2024-28182 Affected
Vendor Statement:
SUSE provided nghttp2 and will provide fixed packages.
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Akamai Technologies Inc. Not Affected

Notified:  2024-02-15 Updated: 2024-04-03

Statement Date:   April 03, 2024

CVE-2023-45288 Not Affected
CVE-2024-2653 Not Affected
CVE-2024-27268 Unknown
CVE-2024-27316 Not Affected
CVE-2024-2758 Not Affected
CVE-2024-27919 Not Affected
CVE-2024-27983 Not Affected
CVE-2024-28182 Not Affected
CVE-2024-30255 Not Affected
CVE-2024-31309 Not Affected

Vendor Statement

We have not received a statement from the vendor.

AMD Not Affected

Notified:  2024-03-18 Updated: 2024-04-03

Statement Date:   April 03, 2024

CVE-2023-45288 Not Affected
CVE-2024-2653 Not Affected
CVE-2024-27268 Unknown
CVE-2024-27316 Not Affected
CVE-2024-2758 Not Affected
CVE-2024-27919 Not Affected
CVE-2024-27983 Not Affected
CVE-2024-28182 Not Affected
CVE-2024-30255 Not Affected
CVE-2024-31309 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Apache Tomcat Not Affected

Notified:  2024-02-14 Updated: 2024-04-03

Statement Date:   April 03, 2024

CVE-2023-45288 Not Affected
CVE-2024-2653 Not Affected
CVE-2024-27268 Unknown
CVE-2024-27316 Not Affected
CVE-2024-2758 Not Affected
CVE-2024-27919 Not Affected
CVE-2024-27983 Not Affected
CVE-2024-28182 Not Affected
CVE-2024-30255 Not Affected
CVE-2024-31309 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Aruba Networks Not Affected

Notified:  2024-03-06 Updated: 2024-06-18

Statement Date:   June 17, 2024

CVE-2023-45288 Not Affected
CVE-2024-2653 Not Affected
CVE-2024-27268 Not Affected
CVE-2024-27316 Not Affected
CVE-2024-2758 Not Affected
CVE-2024-27919 Not Affected
CVE-2024-27983 Not Affected
CVE-2024-28182 Not Affected
CVE-2024-30255 Not Affected
CVE-2024-31309 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Eclipse Foundation Not Affected

Notified:  2024-02-19 Updated: 2024-04-05

Statement Date:   April 05, 2024

CVE-2023-45288 Not Affected
CVE-2024-2653 Not Affected
CVE-2024-27268 Unknown
CVE-2024-27316 Not Affected
CVE-2024-2758 Not Affected
CVE-2024-27919 Not Affected
CVE-2024-27983 Not Affected
CVE-2024-28182 Not Affected
CVE-2024-30255 Not Affected
CVE-2024-31309 Not Affected

Vendor Statement

Eclipse Jetty and Vert.X are not affected by this issue.

eCosCentric Not Affected

Notified:  2024-03-06 Updated: 2024-04-03

Statement Date:   April 03, 2024

CVE-2023-45288 Not Affected
Vendor Statement:
eCosPro RTOS does not contain Go packages net/http and golang.org/x/net/http2
References:
CVE-2024-2653 Not Affected
Vendor Statement:
eCosPro RTOS does not provide AMPHP
References:
CVE-2024-27268 Unknown
CVE-2024-27316 Not Affected
Vendor Statement:
eCosPro RTOS does not contain Apache derived Httpd implementation
References:
CVE-2024-2758 Not Affected
Vendor Statement:
eCosPro RTOS does not contain Tempesta code
References:
CVE-2024-27919 Not Affected
Vendor Statement:
eCosPro RTOS does not provide HTTP/2 library
References:
CVE-2024-27983 Not Affected
Vendor Statement:
eCosPro RTOS does not contain Nod.js code
References:
CVE-2024-28182 Not Affected
Vendor Statement:
eCosPro RTOS does not contain nghttp2 library
References:
CVE-2024-30255 Not Affected
Vendor Statement:
eCosPro RTOS does not contain Envoy's code
References:
CVE-2024-31309 Not Affected
Vendor Statement:
eCosPro RTOS does not contain Apache code
References:

Vendor Statement

eCosPro RTOS does not contain http2 implementation

eero Not Affected

Notified:  2024-03-06 Updated: 2024-04-03

Statement Date:   April 02, 2024

CVE-2023-45288 Not Affected
CVE-2024-2653 Not Affected
CVE-2024-27268 Unknown
CVE-2024-27316 Not Affected
CVE-2024-2758 Not Affected
CVE-2024-27919 Not Affected
CVE-2024-27983 Not Affected
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Not Affected

Vendor Statement

We have not received a statement from the vendor.

F5 Networks Not Affected

Notified:  2024-02-19 Updated: 2024-04-03

Statement Date:   March 26, 2024

CVE-2023-45288 Not Affected
CVE-2024-2653 Not Affected
CVE-2024-27268 Unknown
CVE-2024-27316 Not Affected
CVE-2024-2758 Not Affected
CVE-2024-27919 Not Affected
CVE-2024-27983 Unknown
CVE-2024-28182 Not Affected
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

HTTP/2 attacks involving CONTINUATION headers do not impact the resource utilization of F5 products (including BIG-IP products, NGINX and F5 Distributed Cloud).

As with other DoS vectors (HTTP/1.x and HTTP/2), for NGINX F5 recommends tuning the following settings to suit your environment (worker_rlimit_nofile, worker_connections, keepalive_timeout, client_header_timeout). Similarly, F5 recommends configuring appropriate limits and protections for BIG-IP products (e.g., AFM DoS Profiles, ASM DoS Profiles, Virtual Server connection limits and timeouts and, for HTTP/2, the Concurrent Streams Per Connection setting).

Juniper Networks Not Affected

Notified:  2024-03-06 Updated: 2024-04-03

Statement Date:   April 03, 2024

CVE-2023-45288 Not Affected
CVE-2024-2653 Not Affected
CVE-2024-27268 Unknown
CVE-2024-27316 Not Affected
CVE-2024-2758 Not Affected
CVE-2024-27919 Not Affected
CVE-2024-27983 Not Affected
CVE-2024-28182 Not Affected
CVE-2024-30255 Not Affected
CVE-2024-31309 Not Affected

Vendor Statement

HTTP/2 support in Junos OS and Junos OS Evolved is limited to nginx, which is used for telemetry starting in 24.1. According to the researcher, nginx is not vulnerable to this issue.

LANCOM Systems GmbH Not Affected

Notified:  2024-03-06 Updated: 2024-05-06

Statement Date:   May 06, 2024

CVE-2023-45288 Not Affected
CVE-2024-2653 Not Affected
CVE-2024-27268 Not Affected
CVE-2024-27316 Not Affected
CVE-2024-2758 Not Affected
CVE-2024-27919 Not Affected
CVE-2024-27983 Not Affected
CVE-2024-28182 Not Affected
CVE-2024-30255 Not Affected
CVE-2024-31309 Not Affected

Vendor Statement

We have not received a statement from the vendor.

lighttpd Not Affected

Notified:  2024-04-05 Updated: 2024-06-13

Statement Date:   June 13, 2024

CVE-2023-45288 Not Affected
CVE-2024-2653 Not Affected
CVE-2024-27268 Not Affected
CVE-2024-27316 Not Affected
CVE-2024-2758 Not Affected
CVE-2024-27919 Not Affected
CVE-2024-27983 Not Affected
CVE-2024-28182 Not Affected
CVE-2024-30255 Not Affected
CVE-2024-31309 Not Affected

Vendor Statement

The lighttpd web server is not specifically vulnerable to DoS attacks utilizing HTTP/2 CONTINUATION frames. lighttpd memory allocation while collecting raw HEADERS + CONTINUATION frames is bounded to < 64k; lighttpd limits the raw HEADERS + CONTINUATION frames to 64k (not HPACK-decoded) and lighttpd does not spend any resources HPACK-decoding until after END_HEADERS is received (which does not occur in this CONTINUATION frame attack). CPU usage by lighttpd is minimal to append CONTINUATION frames to the stream buffer for HEADERS. lighttpd will not get stuck servicing a single HTTP/2 connection, as lighttpd performs a single recv() on an HTTP/2 socket, processes complete HTTP/2 frames, and then goes on to process other sockets with pending events.

LiteSpeed Technologies Not Affected

Notified:  2024-03-06 Updated: 2024-04-05

Statement Date:   April 04, 2024

CVE-2023-45288 Not Affected
CVE-2024-2653 Not Affected
CVE-2024-27268 Unknown
CVE-2024-27316 Not Affected
CVE-2024-2758 Not Affected
CVE-2024-27919 Not Affected
CVE-2024-27983 Not Affected
CVE-2024-28182 Not Affected
CVE-2024-30255 Not Affected
CVE-2024-31309 Not Affected

Vendor Statement

We have not received a statement from the vendor.

References

Microsoft Not Affected

Notified:  2024-02-15 Updated: 2024-04-03

Statement Date:   April 02, 2024

CVE-2023-45288 Not Affected
CVE-2024-2653 Not Affected
CVE-2024-27268 Unknown
CVE-2024-27316 Not Affected
CVE-2024-2758 Not Affected
CVE-2024-27919 Not Affected
CVE-2024-27983 Not Affected
CVE-2024-28182 Not Affected
CVE-2024-30255 Not Affected
CVE-2024-31309 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Muonics Inc. Not Affected

Notified:  2024-03-06 Updated: 2024-04-08

Statement Date:   April 07, 2024

CVE-2023-45288 Not Affected
CVE-2024-2653 Not Affected
CVE-2024-27268 Unknown
CVE-2024-27316 Not Affected
CVE-2024-2758 Not Affected
CVE-2024-27919 Not Affected
CVE-2024-27983 Not Affected
CVE-2024-28182 Not Affected
CVE-2024-30255 Not Affected
CVE-2024-31309 Not Affected

Vendor Statement

Muonics does not implement HTTP/2 or use any HTTP/2 implementations in any of its products at this time.

netsnmp Not Affected

Notified:  2024-03-06 Updated: 2024-04-03

Statement Date:   March 06, 2024

CVE-2023-45288 Not Affected
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Not Affected
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Paessler Not Affected

Notified:  2024-03-06 Updated: 2024-06-06

Statement Date:   June 06, 2024

CVE-2023-45288 Not Affected
CVE-2024-2653 Not Affected
CVE-2024-27268 Not Affected
CVE-2024-27316 Not Affected
CVE-2024-2758 Not Affected
CVE-2024-27919 Not Affected
CVE-2024-27983 Not Affected
CVE-2024-28182 Not Affected
CVE-2024-30255 Not Affected
CVE-2024-31309 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Peplink Not Affected

Notified:  2024-03-06 Updated: 2024-04-03

Statement Date:   March 12, 2024

CVE-2023-45288 Not Affected
CVE-2024-2653 Not Affected
CVE-2024-27268 Unknown
CVE-2024-27316 Not Affected
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Not Affected
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Rust Security Response WG Not Affected

Notified:  2024-02-19 Updated: 2024-04-03

Statement Date:   February 19, 2024

CVE-2023-45288 Not Affected
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Softvelum Not Affected

Notified:  2024-02-28 Updated: 2024-04-03

Statement Date:   March 01, 2024

CVE-2023-45288 Not Affected
Vendor Statement:
Nimble Streamer is not affected by this issue as it is not using Go net/http for processing HTTP/2 requests.
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Not Affected
Vendor Statement:
Nimble Streamer is not affected by this issue as it dost not support CONTINUATION frames in requests.
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Synology Not Affected

Notified:  2024-03-06 Updated: 2024-04-08

Statement Date:   April 08, 2024

CVE-2023-45288 Not Affected
CVE-2024-2653 Not Affected
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Not Affected
CVE-2024-27919 Not Affected
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Not Affected
CVE-2024-31309 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Toshiba Corporation Not Affected

Notified:  2024-03-06 Updated: 2024-07-19

Statement Date:   July 19, 2024

CVE-2023-45288 Not Affected
CVE-2024-2653 Not Affected
CVE-2024-27268 Not Affected
CVE-2024-27316 Not Affected
CVE-2024-2758 Not Affected
CVE-2024-27919 Not Affected
CVE-2024-27983 Not Affected
CVE-2024-28182 Not Affected
CVE-2024-30255 Not Affected
CVE-2024-31309 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Varnish Software Not Affected

Notified:  2024-03-26 Updated: 2024-04-03

Statement Date:   April 03, 2024

CVE-2023-45288 Not Affected
CVE-2024-2653 Not Affected
CVE-2024-27268 Unknown
CVE-2024-27316 Not Affected
CVE-2024-2758 Not Affected
CVE-2024-27919 Not Affected
CVE-2024-27983 Not Affected
CVE-2024-28182 Not Affected
CVE-2024-30255 Not Affected
CVE-2024-31309 Not Affected

Vendor Statement

Memory consumption in Varnish in processing HPACK is limited to a fixed buffer size, regardless of the size of the incoming header set. Thus Varnish is not at any risk of runaway memory consumption due to an arbitrarily large incoming header set. After this buffer is exceeded, Varnish will keep processing CONTINUATION frames and perform dynamic table updates correspondingly. Thus keeping the HPACK state consistent for future streams on the same connection.

Wireshark Not Affected

Notified:  2024-02-19 Updated: 2024-04-03

Statement Date:   April 02, 2024

CVE-2023-45288 Not Affected
Vendor Statement:
Wireshark does not use the Go net/http package.
CVE-2024-2653 Not Affected
Vendor Statement:
Wireshark does not use AMPHP.
CVE-2024-27268 Unknown
CVE-2024-27316 Not Affected
Vendor Statement:
Wireshark uses CONTINUATION frames to keep track of the header state and uses the nghttp2 library for decompression, but does not appear to be affected by these issues.
CVE-2024-2758 Not Affected
CVE-2024-27919 Not Affected
Vendor Statement:
Wireshark does not use Envoy's HTTP/2 codec.
CVE-2024-27983 Not Affected
CVE-2024-28182 Not Affected
Vendor Statement:
Wireshark uses CONTINUATION frames to keep track of the header state and uses the nghttp2 library for decompression, but does not appear to be affected by these issues.
CVE-2024-30255 Not Affected
CVE-2024-31309 Not Affected

Vendor Statement

Wireshark uses CONTINUATION frames to keep track of the header state and uses the nghttp2 library for decompression, but does not appear to be affected by these issues.

IETF HTTP Working Group Unknown

Notified:  2024-02-26 Updated: 2024-04-03

Statement Date:   April 02, 2024

CVE-2023-45288 Unknown
Vendor Statement:
This is not a specification vulnerability. RFC 9113 already cautions implementations about the possibility of Denial of Service due to 'large numbers of small or empty frames.'
References:
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

This is not a specification vulnerability.

RFC 9113 already cautions implementations about the possibility of Denial of Service due to 'large numbers of small or empty frames.'

References

Amazon Unknown

Notified:  2024-02-19 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Apache Traffic Server Project Unknown

Notified:  2024-02-19 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Apple Unknown

Notified:  2024-02-15 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Bell Canada Enterprises Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

BlackBerry Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Broadcom Unknown

Notified:  2024-02-28 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cambium Networks Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Canonical Unknown

Notified:  2024-03-12 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

CERT.PL Unknown

Notified:  2024-03-27 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Chatterbox Unknown

Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Citrix Unknown

Notified:  2024-03-18 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cloudflare Unknown

Notified:  2024-02-19 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cricket Wireless Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Debian GNU/Linux Unknown

Notified:  2024-02-26 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Digi International Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

dnsmasq Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

DragonFly BSD Project Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Edg.io Unknown

Notified:  2024-02-21 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Envoy Unknown

Notified:  2024-02-20 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Fortinet Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

GitHub Unknown

Notified:  2024-02-19 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

GNU wget Unknown

Notified:  2024-02-19 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Google Unknown

Notified:  2024-02-19 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

gRPC Unknown

Notified:  2024-04-10 Updated: 2024-04-15

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

HAProxy Unknown

Notified:  2024-02-19 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Hex Unknown

Notified:  2024-02-19 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Hitachi Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Honeywell Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

hyperium Unknown

Notified:  2024-02-14 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

IBM Unknown

Notified:  2024-02-26 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Infoblox Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Intel Unknown

Notified:  2024-02-28 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Internet Systems Consortium Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

JPCERT/CC Vulnerability Handling Team Unknown

Notified:  2024-03-07 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

LG Electronics Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Meta Unknown

Notified:  2024-04-05 Updated: 2024-04-05

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Mozilla Unknown

Notified:  2024-02-19 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

NEC Corporation Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

NetBSD Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Netflix Inc. Unknown

Notified:  2024-02-19 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

NETGEAR Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

netsnmpj Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Netty Unknown

Notified:  2024-03-05 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

nghttp2 Unknown

Notified:  2024-02-20 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

NGINX Unknown

Notified:  2024-02-19 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Nixu Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Node.js Unknown

Notified:  2024-02-14 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

OpenConnect Ltd Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Oracle Corporation Unknown

Notified:  2024-02-23 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Oryx Embedded Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Palo Alto Networks Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

PayPal Unknown

Notified:  2024-02-23 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

pfSense Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Philips Electronics Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Philips Healthcare Unknown

Notified:  2024-04-03 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Pulse Secure Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Quadros Systems Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Qualcomm Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Riverbed Technologies Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ruby Unknown

Notified:  2024-02-21 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ruby Gems HTTP-2 Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Samsung Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Sonos Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Sony Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Sophos Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Symantec Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

TCPWave Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Tempesta Unknown

Notified:  2024-02-28 Updated: 2024-04-03

Statement Date:   March 16, 2024

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Tenable Network Security Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

TIBCO Unknown

Notified:  2024-03-18 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

TippingPoint Technologies Inc. Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Tizen Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

TP-LINK Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Traefik Unknown

Notified:  2024-04-11 Updated: 2024-04-15

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Twisted Unknown

Notified:  2024-02-19 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ubiquiti Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ubuntu Unknown

Notified:  2024-03-20 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Unisys Corporation Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Untangle Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Vantiva Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Viasat Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

VMware Unknown

Notified:  2024-02-29 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Wind River Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

wolfSSL Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Xiaomi Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Xilinx Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

X.org Foundation Unknown

Notified:  2024-02-27 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Yahoo Inc. Unknown

Notified:  2024-02-19 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Zebra Technologies Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Zephyr Project Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

Zyxel Unknown

Notified:  2024-03-06 Updated: 2024-04-03

CVE-2023-45288 Unknown
CVE-2024-2653 Unknown
CVE-2024-27268 Unknown
CVE-2024-27316 Unknown
CVE-2024-2758 Unknown
CVE-2024-27919 Unknown
CVE-2024-27983 Unknown
CVE-2024-28182 Unknown
CVE-2024-30255 Unknown
CVE-2024-31309 Unknown

Vendor Statement

We have not received a statement from the vendor.

View all 123 vendors View less vendors


Other Information

CVE IDs: CVE-2023-45288 CVE-2024-2653 CVE-2024-27268 CVE-2024-27316 CVE-2024-2758 CVE-2024-27919 CVE-2024-27983 CVE-2024-28182 CVE-2024-30255 CVE-2024-31309
API URL: VINCE JSON | CSAF
Date Public: 2024-04-03
Date First Published: 2024-04-03
Date Last Updated: 2024-07-19 11:21 UTC
Document Revision: 18

Sponsored by CISA.