77 matches found
EulerOS 2.0 SP15 : nghttp2 (EulerOS-SA-2026-2494)
According to the versions of the nghttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the...
Photon OS 4.0: Nghttp2 PHSA-2026-4.0-1002
An update of the nghttp2 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1002. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
MGASA-2026-0199 Updated nghttp2 packages fix security vulnerability
Denial of service: Assertion failure due to missing state validation. CVE-2026-27135...
Updated nghttp2 packages fix security vulnerability
Denial of service: Assertion failure due to missing state validation. CVE-2026-27135...
EulerOS Virtualization 2.13.0 : nghttp2 (EulerOS-SA-2026-2409)
According to the versions of the nghttp2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops...
EulerOS 2.0 SP13 : nghttp2 (EulerOS-SA-2026-2346)
According to the versions of the nghttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the...
EulerOS 2.0 SP13 : nghttp2 (EulerOS-SA-2026-2303)
According to the versions of the nghttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the...
EulerOS Virtualization 2.10.1 : nghttp2 (EulerOS-SA-2026-2030)
According to the versions of the nghttp2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops...
EulerOS Virtualization 2.12.1 : nghttp2 (EulerOS-SA-2026-2082)
According to the versions of the nghttp2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops...
TencentOS Server 3: nodejs:20 (TSSA-2026:0327)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0327 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Debian dsa-6266 : libnghttp2-14 - security update
The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6266 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6266-1 [email protected] https://www.debian.org/security/...
[SECURITY] [DLA 4581-1] nghttp2 security update
Debian LTS Advisory DLA-4581-1 [email protected] https://www.debian.org/lts/security/ Lukas Märdian May 13, 2026 https://wiki.debian.org/LTS Package : nghttp2 Version : 1.43.0-1+deb11u3 CVE ID : CVE-2026-27135 Debian Bug : 1131369 A vulnerabilitie was discovered in nghttp2, a server,...
Debian dla-4581 : libnghttp2-14 - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4581 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4581-1 [email protected] https://www.debian.org/lts/security/...
CLSA-2026-1777974095 nghttp2: Fix of CVE-2026-27135
CVE-2026-27135: fix missing iframe-state validations to avoid assertion failure...
RHEL 9 : nodejs:20 (RHSA-2026:9711)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:9711 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...
Important: Red Hat Security Advisory: nghttp2 security update
An update for nghttp2 is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...
RHEL 10 : nghttp2 (RHSA-2026:8868)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:8868 advisory. libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 HTTP/2 protocol in C. Security Fixes: nghttp2: nghttp2: Denial of...
Oracle Linux 8 : nodejs:20 (ELSA-2026-8339)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-8339 advisory. - Patch nghttp2 to version 1.68.1 and disable tests which would fail due to this change. Resolves: RHEL-154018 Fixes: CVE-2026-27135 CVE-2026-27904...
RHEL 9 : nghttp2 (RHSA-2026:8546)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:8546 advisory. libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 HTTP/2 protocol in C. Security Fixes: nghttp2: nghttp2: Denial of...
Important: Red Hat Security Advisory: nghttp2 security update
An update for nghttp2 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...