Debian Rust-H2 vulnerabilities

CVE-2023-26964 [HIGH] CVE-2023-26964: rust-h2 - An issue was discovered in hyper v0.13.7. h2-0.2.4 Stream stacking occurs when t... An issue was discovered in hyper v0.13.7. h2-0.2.4 Stream stacking occurs when the H2 component processes HTTP2 RST_STREAM frames. As a result, the memory and CPU usage are high which can lead to a Denial of Service (DoS). Scope: local bookworm: resolved (fixed in 0.3.13-2) forky: resolved (fixed in 0.3.13-2) sid: resolved (fixed in 0.3.13-2) trixie: resolved (fixed

CVE-2019-9514 [HIGH] CVE-2019-9514: h2o - Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading... Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. Scope: local book