Lucene search

Basic search
Lucene search
Search by product

Vendors

Products

PhotonPHSA-2023-4.0-0342

HistoryFeb 28, 2023 - 12:00 a.m.

Important Photon OS Security Update - PHSA-2023-4.0-0342

2023-02-2800:00:00

github.com

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.102 Low

EPSS

Percentile

94.8%

JSON

Updates of [‘nginx’] packages of Photon OS have been released.

OSVersionArchitecturePackageVersionFilename
Photon4.0x86_64nginx< 1.22.0-4.ph4nginx-1.22.0-4.ph4.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
Photon	4.0	x86_64	nginx	< 1.22.0-4.ph4	nginx-1.22.0-4.ph4.x86_64.rpm

nessus 50

openvas 30

oraclelinux 4

ibm 15

redhat 9

amazon 3

debian 3

freebsd 3

suse 6

archlinux 3

fedora 8

osv 8

mageia 2

rocky 1

hackerone 1

almalinux 2

ubuntu 2

f5 1

githubexploit 1

redhatcve 2

debiancve 2

cbl_mariner 2

ubuntucve 2

symantec 3

alpinelinux 2

cve 5

mscve 2

prion 4

nginx 2

veracode 2

photon 5

altlinux 1

zdt 2

packetstorm 1

vmware 2

exploitdb 1

hivepro 1

thn 1

nodejsblog 1

fortinet 1

cloudfoundry 1

myhack58 1

threatpost 1

nessus

RHEL 8 : nghttp2 (RHSA-2019:2692) (Data Dribble) (Resource Loop)

2019-09-10 00:00:00

FreeBSD : nghttp2 -- multiple vulnerabilities (121fec01-c042-11e9-a73f-b36f5969f162) (Data Dribble) (Resource Loop)

2019-08-20 00:00:00

Amazon Linux AMI : nghttp2 (ALAS-2019-1298) (Data Dribble) (Resource Loop)

2019-10-04 00:00:00

openvas

SUSE: Security Advisory (SUSE-SU-2019:2473-1)

2021-06-09 00:00:00

Fedora Update for nghttp2 FEDORA-2019-81985a8858

2019-08-23 00:00:00

openSUSE: Security Advisory for nghttp2 (openSUSE-SU-2019:2234-1)

2019-10-02 00:00:00

oraclelinux

nghttp2 security update

2019-09-10 00:00:00

nghttp2 security update

2020-07-06 00:00:00

nginx:1.14 security update

2019-09-19 00:00:00

ibm

Security Bulletin: IBM DataPower Gateway is affected by Denial of Service vulnerabilities

2021-06-08 21:47:38

Security Bulletin: IBM MQ Appliance affected by HTTP/2 vulnerabilities (CVE-2019-9511 and CVE-2019-9513)

2020-01-27 10:37:46

Security Bulletin: A security vulnerability has been identified in nginx shipped with PowerAI Vision

2020-01-08 18:55:26

redhat

(RHSA-2019:3041) Important: Red Hat OpenShift Service Mesh 1.0.1 RPMs

2019-10-14 16:45:27

(RHSA-2019:2692) Important: nghttp2 security update

2019-09-09 18:39:39

(RHSA-2019:2799) Important: nginx:1.14 security update

2019-09-17 08:45:10

amazon

Important: nghttp2

2019-09-30 21:03:00

Important: nghttp2

2019-10-08 21:43:00

Important: nginx

2019-09-30 21:06:00

debian

[SECURITY] [DSA 4511-1] nghttp2 security update

2019-09-01 21:08:06

[SECURITY] [DSA 4505-1] nginx security update

2019-08-22 19:38:21

[SECURITY] [DSA 4669-1] nodejs security update

2020-04-29 21:05:57

freebsd

nghttp2 -- multiple vulnerabilities

2019-08-13 00:00:00

NGINX -- Multiple vulnerabilities

2019-08-13 00:00:00

Node.js -- multiple vulnerabilities

2019-08-16 00:00:00

suse

Security update for nghttp2 (moderate)

2019-10-01 00:00:00

Security update for nghttp2 (moderate)

2019-10-01 00:00:00

Security update for nginx (moderate)

2019-10-06 00:00:00

archlinux

[ASA-201908-17] libnghttp2: denial of service

2019-08-27 00:00:00

[ASA-201908-12] nginx-mainline: denial of service

2019-08-16 00:00:00

[ASA-201908-13] nginx: denial of service

2019-08-16 00:00:00

fedora

[SECURITY] Fedora 29 Update: nghttp2-1.39.2-1.fc29

2019-08-27 18:38:08

[SECURITY] Fedora 30 Update: nghttp2-1.39.2-1.fc30

2019-08-23 01:27:34

[SECURITY] Fedora 30 Update: nginx-1.16.1-1.fc30

2019-08-22 01:18:25

osv

nghttp2 - security update

2019-09-01 00:00:00

Important: nginx:1.14 security update

2019-09-17 08:45:10

nginx - security update

2019-08-22 00:00:00

mageia

Updated nghttp2 packages fix security vulnerabilities

2019-09-28 04:05:09

Updated nginx packages fix security vulnerabilities

2019-11-30 16:06:06

rocky

nginx:1.14 security update

2019-09-17 08:45:10

hackerone

Localize: Nginx version is disclosed in HTTP response

2020-01-26 21:54:31

almalinux

Important: nginx:1.14 security update

2019-09-17 08:45:10

Important: nodejs:10 security update

2019-09-30 07:07:29

ubuntu

nginx vulnerabilities

2019-08-15 00:00:00

nghttp2 vulnerabilities

2024-04-25 00:00:00

K02591030 : HTTP/2 vulnerabilities CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, and CVE-2019-9517

2019-08-20 00:00:00

githubexploit

Exploit for Uncontrolled Resource Consumption in F5 Nginx

2020-12-22 10:16:11

redhatcve

CVE-2019-9513

2021-03-21 00:38:16

CVE-2019-9511

2020-11-01 17:54:29

debiancve

CVE-2019-9511

2019-08-13 21:15:00

CVE-2019-9513

2019-08-13 21:15:00

cbl_mariner

CVE-2019-9511 affecting package nginx 1.16.1-2

2021-06-14 15:32:58

CVE-2019-9513 affecting package nginx 1.16.1-2

2021-06-14 15:32:58

ubuntucve

CVE-2019-9513

2019-08-13 00:00:00

CVE-2019-9511

2019-08-13 00:00:00

symantec

Microsoft Windows 'HTTP.sys' CVE-2019-9511 Denial of Service Vulnerability

2019-08-13 00:00:00

Microsoft Windows 'HTTP.sys' CVE-2019-9513 Denial of Service Vulnerability

2019-08-13 00:00:00

Nginx Vulnerabilities Jul 2017 - Oct 2019

2020-05-06 18:48:22

alpinelinux

CVE-2019-9513

2019-08-13 21:15:00

CVE-2019-9511

2019-08-13 21:15:00

cve

CVE-2019-9513

2019-08-13 21:15:00

CVE-2019-9511

2019-08-13 21:15:00

CVE-2023-34060

2023-11-14 21:15:09

mscve

HTTP/2 Server Denial of Service Vulnerability

2019-08-13 07:00:00

HTTP/2 Server Denial of Service Vulnerability

2019-08-13 07:00:00

prion

Code injection

2019-08-13 21:15:00

Design/Logic Flaw

2019-08-13 21:15:00

Authentication flaw

2023-11-14 21:15:00

nginx

Excessive CPU usage in HTTP/2 with small window updates

2019-08-13 21:15:00

Excessive CPU usage in HTTP/2 with priority changes

2019-08-13 21:15:00

veracode

Denial Of Service (DoS)

2019-09-13 00:40:24

Denial Of Service (DoS)

2019-09-13 00:40:24

photon

Critical Photon OS Security Update - PHSA-2023-4.0-0379

2023-04-19 00:00:00

Important Photon OS Security Update - PHSA-2022-4.0-0298

2022-12-14 00:00:00

Critical Photon OS Security Update - PHSA-2023-3.0-0687

2023-11-15 00:00:00

altlinux

Security fix for the ALT Linux 10 package node version 10.16.3-alt1

2019-08-30 00:00:00

zdt

VMware Cloud Director 10.5 - Bypass identity verification Exploit

2024-03-12 00:00:00

VMware Cloud Director - Bypass identity verification Exploit

2023-12-08 00:00:00

packetstorm

VMware Cloud Director 10.5 Authentication Bypass

2024-03-13 00:00:00

vmware

VMware Cloud Director Appliance contains an authentication bypass vulnerability (CVE-2023-34060).

2023-11-14 00:00:00

VMware Cloud Director Appliance contains an authentication bypass vulnerability (CVE-2023-34060).

2023-11-14 00:00:00

exploitdb

VMware Cloud Director 10.5 - Bypass identity verification

2024-03-12 00:00:00

hivepro

VMware Unveils Critical Authentication Bypass Vulnerability in VCD Appliance

2023-11-17 08:07:39

thn

8 New HTTP/2 Implementation Flaws Expose Websites to DoS Attacks

2019-08-14 08:19:00

nodejsblog

August 2019 Security Releases

2019-08-16 00:00:00

fortinet

HTTP/2 Multiple DoS Attacks (VU#605641)

2019-09-03 00:00:00

cloudfoundry

Various HTTP2 CVEs: Some Cloud Foundry products are impacted by HTTP denial of service attacks | Cloud Foundry

2019-12-03 00:00:00

myhack58

HTTP/2 denial of service attack vulnerability alerts-a vulnerability alert-the black bar safety net

2019-08-14 00:00:00

threatpost

HTTP Bugs Open Websites to DoS Attacks

2019-08-15 19:20:38

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.102 Low

EPSS

Percentile

94.8%

JSON

Related for PHSA-2023-4.0-0342