A vulnerability was discovered in ASP.NET Core Krestel when pooling HTTP/2 and HTTP/3 headers. A remote, unauthenticated attacker could potentially exploit this issue to cause a denial of service.
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:0496 https://access.redhat.com/errata/RHSA-2022:0496
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:0495 https://access.redhat.com/errata/RHSA-2022:0495
This issue has been addressed in the following products: .NET Core on Red Hat Enterprise Linux Via RHSA-2022:0499 https://access.redhat.com/errata/RHSA-2022:0499
This issue has been addressed in the following products: .NET Core on Red Hat Enterprise Linux Via RHSA-2022:0500 https://access.redhat.com/errata/RHSA-2022:0500
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-219862
*** Bug 2052717 has been marked as a duplicate of this bug. ***