cbcvebase.
CVE-2023-44386
published 2023-10-05

CVE-2023-44386: Vapor is an HTTP web framework for Swift. There is a denial of service vulnerability impacting all users of affected versions of Vapor. The HTTP1 error handler…

PriorityP424medium5.3CVSS 3.1
AVNACLPRNUINSUCNINAL
EPSS
0.60%
44.1th percentile
Vapor is an HTTP web framework for Swift. There is a denial of service vulnerability impacting all users of affected versions of Vapor. The HTTP1 error handler closed connections when HTTP parse errors occur instead of passing them on. The issue is fixed as of Vapor release 4.84.2.

Affected

3 ranges
VendorProductVersion rangeFixed in
github.comvapor_vapor>= 4.83.2 < 4.84.24.84.2
vaporvapor
vaporvapor>= 4.83.2 < 4.84.24.84.2
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.