amphp/http will collect CONTINUATION frames in an unbounded buffer and will not check a limit until it has received the set END_HEADERS flag, resulting in an OOM crash.
Metrics
Affected Vendors & Products
References
History
Fri, 06 Sep 2024 18:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
cvssV3_1
|
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: certcc
Published: 2024-04-03T17:18:29.944Z
Updated: 2024-09-06T16:43:42.206Z
Reserved: 2024-03-19T15:20:53.090Z
Link: CVE-2024-2653
Vulnrichment
Updated: 2024-08-01T19:18:48.205Z
NVD
Status : Awaiting Analysis
Published: 2024-04-03T18:15:07.317
Modified: 2024-09-06T17:35:08.337
Link: CVE-2024-2653
Redhat