Home > Vulnerability Database > CVE-2023-44386

Mend.io Vulnerability Database

CVE-2023-44386

Good to know:

Date: October 5, 2023

Vapor is an HTTP web framework for Swift. There is a denial of service vulnerability impacting all users of affected versions of Vapor. The HTTP1 error handler closed connections when HTTP parse errors occur instead of passing them on. The issue is fixed as of Vapor release 4.84.2.

Language: Swift

Severity Score

5.3

Related Resources (6)

Url: https://github.com/vapor/vapor/commit/090464a654b03148b139a81f8f5ac63b0856f6f3

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-44386

Url: https://github.com/vapor/vapor/security/advisories/GHSA-3mwq-h3g6-ffhm

Url: https://github.com/vapor/vapor

Url: https://github.com/vapor/vapor/releases/tag/4.84.2

Url: https://www.mend.io/vulnerability-database/CVE-2023-44386

Severity Score

5.3

Weakness Type (CWE)

Reachable Assertion

CWE-617

Improper Handling of Extra Values

CWE-231

Incorrect Behavior Order

CWE-696

Top Fix

Upgrade Version

Upgrade to version 4.84.2

Learn More

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2023-44386

Good to know:

Date: October 5, 2023

Language: Swift

Severity Score

Related Resources (6)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?