CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-27316

HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.904

EPSS Ranking 99.6%

CVSS Severity

CVSS v3 Score 7.5

References

Products affected by CVE-2024-27316

Apache » Http Server » Version: 2.4.17

cpe:2.3:a:apache:http_server:2.4.17
Apache » Http Server » Version: 2.4.18

cpe:2.3:a:apache:http_server:2.4.18
Apache » Http Server » Version: 2.4.19

cpe:2.3:a:apache:http_server:2.4.19
Apache » Http Server » Version: 2.4.20

cpe:2.3:a:apache:http_server:2.4.20
Apache » Http Server » Version: 2.4.21

cpe:2.3:a:apache:http_server:2.4.21
Apache » Http Server » Version: 2.4.22

cpe:2.3:a:apache:http_server:2.4.22
Apache » Http Server » Version: 2.4.23

cpe:2.3:a:apache:http_server:2.4.23
Apache » Http Server » Version: 2.4.24

cpe:2.3:a:apache:http_server:2.4.24
Apache » Http Server » Version: 2.4.25

cpe:2.3:a:apache:http_server:2.4.25
Apache » Http Server » Version: 2.4.26

cpe:2.3:a:apache:http_server:2.4.26
Apache » Http Server » Version: 2.4.27

cpe:2.3:a:apache:http_server:2.4.27
Apache » Http Server » Version: 2.4.28

cpe:2.3:a:apache:http_server:2.4.28
Apache » Http Server » Version: 2.4.29

cpe:2.3:a:apache:http_server:2.4.29
Apache » Http Server » Version: 2.4.30

cpe:2.3:a:apache:http_server:2.4.30
Apache » Http Server » Version: 2.4.31

cpe:2.3:a:apache:http_server:2.4.31
Apache » Http Server » Version: 2.4.32

cpe:2.3:a:apache:http_server:2.4.32
Apache » Http Server » Version: 2.4.33

cpe:2.3:a:apache:http_server:2.4.33
Apache » Http Server » Version: 2.4.34

cpe:2.3:a:apache:http_server:2.4.34
Apache » Http Server » Version: 2.4.35

cpe:2.3:a:apache:http_server:2.4.35
Apache » Http Server » Version: 2.4.36

cpe:2.3:a:apache:http_server:2.4.36
Apache » Http Server » Version: 2.4.37

cpe:2.3:a:apache:http_server:2.4.37
Apache » Http Server » Version: 2.4.38

cpe:2.3:a:apache:http_server:2.4.38
Apache » Http Server » Version: 2.4.39

cpe:2.3:a:apache:http_server:2.4.39
Apache » Http Server » Version: 2.4.40

cpe:2.3:a:apache:http_server:2.4.40
Apache » Http Server » Version: 2.4.41

cpe:2.3:a:apache:http_server:2.4.41
Apache » Http Server » Version: 2.4.42

cpe:2.3:a:apache:http_server:2.4.42
Apache » Http Server » Version: 2.4.43

cpe:2.3:a:apache:http_server:2.4.43
Apache » Http Server » Version: 2.4.44

cpe:2.3:a:apache:http_server:2.4.44
Apache » Http Server » Version: 2.4.45

cpe:2.3:a:apache:http_server:2.4.45
Apache » Http Server » Version: 2.4.46

cpe:2.3:a:apache:http_server:2.4.46
Apache » Http Server » Version: 2.4.47

cpe:2.3:a:apache:http_server:2.4.47
Apache » Http Server » Version: 2.4.48

cpe:2.3:a:apache:http_server:2.4.48
Apache » Http Server » Version: 2.4.49

cpe:2.3:a:apache:http_server:2.4.49
Apache » Http Server » Version: 2.4.50

cpe:2.3:a:apache:http_server:2.4.50
Apache » Http Server » Version: 2.4.51

cpe:2.3:a:apache:http_server:2.4.51
Apache » Http Server » Version: 2.4.52

cpe:2.3:a:apache:http_server:2.4.52
Apache » Http Server » Version: 2.4.53

cpe:2.3:a:apache:http_server:2.4.53
Apache » Http Server » Version: 2.4.54

cpe:2.3:a:apache:http_server:2.4.54
Apache » Http Server » Version: 2.4.55

cpe:2.3:a:apache:http_server:2.4.55
Apache » Http Server » Version: 2.4.56

cpe:2.3:a:apache:http_server:2.4.56
Apache » Http Server » Version: 2.4.57

cpe:2.3:a:apache:http_server:2.4.57
Apache » Http Server » Version: 2.4.58

cpe:2.3:a:apache:http_server:2.4.58
Netapp » Ontap » Version: 9

cpe:2.3:a:netapp:ontap:9
Fedoraproject » Fedora » Version: 38

cpe:2.3:o:fedoraproject:fedora:38
Fedoraproject » Fedora » Version: 39

cpe:2.3:o:fedoraproject:fedora:39
Fedoraproject » Fedora » Version: 40

cpe:2.3:o:fedoraproject:fedora:40

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-27316

Products

Pricing

Contact Us