[CASSANDRA-18943] http/2 vulnerability: CVE-2023-44487 - ASF JIRA

Log work

Agile Board

Rank to Top

Rank to Bottom

Attach files

Attach Screenshot

Bulk Copy Attachments

Bulk Move Attachments

Voters

Watch issue

Watchers

Create sub-task

Convert to sub-task

Move

Link

Clone

Labels

Update Comment Author

Replace String in Comment

Update Comment Visibility

Delete Comments

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Normal
Resolution: Fixed
Fix Version/s: 3.0.30, 3.11.17, 4.0.12, 4.1.4, 5.0-alpha2, 5.0, 5.1
Component/s: Dependencies
Labels:
None

Bug Category:
Security - Denial of Service
Severity:
Normal
Complexity:
Normal
Discovered By:
User Report
Platform:

All
Impacts:

None
Since Version:

NA
Source Control Link:

https://github.com/apache/cassandra/commit/5bf1d2f8d5b6b37b8f6e2718f85dec068ceb7206
Test and Documentation Plan:

Hide

run CI

Show
run CI

Description

https://nvd.nist.gov/vuln/detail/CVE-2023-44487

Basically anything using http/2 is covered by this, but we don't use it.

Attachments

Activity

Comment

This comment will be Viewable by All Users Viewable by All Users

Cancel

People

Assignee:: Brandon Williams Assign to me

Reporter:: Brandon Williams

Authors:: Brandon Williams

Reviewers:: Berenguer Blasi

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 19/Oct/23 11:02

Updated:: 01/Nov/23 08:54

Resolved:: 26/Oct/23 11:09

Agile

View on Board

http/2 vulnerability: CVE-2023-44487

Details

Description

Attachments

Attachments

Activity

People

Dates

Agile

Slack

Issue deployment