CVE-2022-2048

HIGH Year: 2022
CVSS v3 Score
7.5
High
CVSS v2 Score
5.0
Medium
Weakness Type
CWE-410
View all →

Vulnerability Description

In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left to process good requests.

Related Vulnerabilities

CVE-2018-13815

HIGH
CVSS:7.5(High)

A vulnerability has been identified in SIMATIC S7-1200 (All versions), SIMATIC S7-1500 (All Versions < V2.6). An attacker could exhaust the available connection pool of an affected device by opening a...

CWE-4102018

CVE-2019-0056

HIGH
CVSS:7.5(High)

This issue only affects devices with three (3) or more MPC10's installed in a single chassis with OSPF enabled and configured on the device. An Insufficient Resource Pool weakness allows an attacker t...

CWE-4102019

CVE-2019-13921

HIGH
CVSS:7.5(High)

A vulnerability has been identified in SIMATIC WinAC RTX (F) 2010 (All versions < SP3 Update 1). Affected versions of the software contain a vulnerability that could allow an unauthenticated attacker ...

CWE-4102019

CVE-2022-46679

HIGH
CVSS:7.5(High)

Dell PowerScale OneFS 8.2.x, 9.0.0.x - 9.4.0.x, contain an insufficient resource pool vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial o...

CWE-4102022

CVE-2023-38505

HIGH
CVSS:7.5(High)

DietPi-Dashboard is a web dashboard for the operating system DietPi. The dashboard only allows for one TLS handshake to be in process at a given moment. Once a TCP connection is established in HTTPS m...

CWE-4102023

CVE-2025-27479

HIGH
CVSS:7.5(High)

Insufficient resource pool in Windows Kerberos allows an unauthorized attacker to deny service over a network.

CWE-4102025