By vendor

Crux vulnerabilities

Known CVEs affecting Crux products, prioritized by severity, with SEC.co remediation and detection guidance.

1 published vulnerability

  • CVE-2026-10725HIGH 7.5

    Protocol::HTTP2, a Perl library for handling HTTP/2 communication, contains a vulnerability that allows an attacker to consume excessive server memory by sending a specially crafted HTTP/2 request with many headers. The library fails to enforce advertised limits on header sizes, permitting small network payloads to expand dramatically once processed, disrupting server availability. This affects versions before 1.13.