Lucene search
K

27 matches found

RedHat Linux
RedHat Linux
added 2026/06/22 3:18 p.m.8 views

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.62 SP4 security update

Red Hat JBoss Core Services Apache HTTP Server 2.4.62 Service Pack 4 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS6.5AI score0.11471EPSS
Exploits8References12
Ubuntu
Ubuntu
added 2026/06/15 12:44 p.m.16 views

USN-8398-3: nginx vulnerability

USN-8398-1 fixed a vulnerability in nginx. The update caused a regression and was temporarily reverted in USN-8398-2. This update introduces a complete fix for CVE-2026-49975. We apologize for the inconvenience. Original advisory details: It was discovered that nginx incorrectly handled certain...

7.5CVSS5.5AI score0.11471EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2026/06/15 12:0 a.m.7 views

MiracleLinux 8 : httpd:2.4 (AXSA:2026-786:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-786:01 advisory. httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 Tenable has extracted the preceding description block...

7.5CVSS5.9AI score0.11471EPSS
Exploits7References2
Tenable Nessus
Tenable Nessus
added 2026/06/15 12:0 a.m.19 views

AlmaLinux 10 : mod_http2 (ALSA-2026:25225)

The remote AlmaLinux 10 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:25225 advisory. httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 Tenable has extracted the preceding description block...

7.5CVSS5.9AI score0.11471EPSS
Exploits7References3
GithubExploit
GithubExploit
added 2026/06/13 4:5 a.m.90 views

Exploit for Memory Allocation with Excessive Size Value in Apache Http_Server

http2-bomb-detector HTTP/2 Bomb CVE-2026-49975 Non-destru...

7.5CVSS5.6AI score0.11471EPSS
Exploits7
OSV
OSV
added 2026/06/13 12:5 a.m.10 views

RLSA-2026:25225 Important: mod_http2 security update

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 For more details about the security issues, including the impact, a...

7.5CVSS5.3AI score0.11471EPSS
Exploits7References2
OSV
OSV
added 2026/06/13 12:3 a.m.11 views

RLSA-2026:25057 Important: mod_http2 security update

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 For more details about the security issues, including the impact, a...

7.5CVSS5.3AI score0.11471EPSS
Exploits7References2
OSV
OSV
added 2026/06/12 12:25 p.m.13 views

OESA-2026-2640 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: A vulnerability was found in Apache HTTP Server Web Server affected version not known. It has been rated as critical.Using CWE to declare the problem leads to CWE-404. The product does not release or...

7.5CVSS5.2AI score0.11471EPSS
Exploits7References2
OSV
OSV
added 2026/06/12 12:25 p.m.8 views

OESA-2026-2627 nginx security update

NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's modhttp leads to denial of service via malicious HTTP requests. This issue affects...

7.5CVSS5.2AI score0.11471EPSS
Exploits7References2
OSV
OSV
added 2026/06/12 12:24 p.m.11 views

OESA-2026-2611 mod_http2 security update

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: A vulnerability was found in Apache HTTP Server Web Server affected version not known. It has been rated as critical.Using CWE to declare the problem leads to CWE-404. Th...

7.5CVSS5.2AI score0.11471EPSS
Exploits7References2
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.7 views

RockyLinux 10 : mod_http2 (RLSA-2026:25225)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:25225 advisory. httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 Tenable has extracted the preceding description block...

7.5CVSS5.9AI score0.11471EPSS
Exploits7References3
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.7 views

RockyLinux 9 : mod_http2 (RLSA-2026:25057)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:25057 advisory. httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 Tenable has extracted the preceding description block...

7.5CVSS5.9AI score0.11471EPSS
Exploits7References3
Rockylinux
Rockylinux
added 2026/06/11 12:1 a.m.38 views

httpd:2.4 security update

An update is available for modhttp2, module.modmd, module.modhttp2, modmd, module.httpd, httpd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd package...

7.5CVSS5.5AI score0.11471EPSS
Exploits7
OSV
OSV
added 2026/06/11 12:1 a.m.9 views

RLSA-2026:25090 Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 For more details about the security issues, including the impact, a CVSS scor...

7.5CVSS5.4AI score0.11471EPSS
Exploits7References2
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.23 views

AlmaLinux 8 : httpd:2.4 (ALSA-2026:25090)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:25090 advisory. httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 Tenable has extracted the preceding description block...

7.5CVSS5.4AI score0.11471EPSS
Exploits7References3
OSV
OSV
added 2026/06/11 12:0 a.m.8 views

ALSA-2026:25225 Important: mod_http2 security update

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 For more details about the security issues, including the impact, a...

7.5CVSS5.3AI score0.11471EPSS
Exploits7References4
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.25 views

AlmaLinux 9 : mod_http2 (ALSA-2026:25057)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:25057 advisory. httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 Tenable has extracted the preceding description block...

7.5CVSS5.4AI score0.11471EPSS
Exploits7References3
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.14 views

RHEL 8 : httpd:2.4 (RHSA-2026:25090)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:25090 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: HTTP/2: Remote Denial of...

7.5CVSS5.5AI score0.11471EPSS
Exploits7References4
OSV
OSV
added 2026/06/10 12:0 a.m.7 views

ALSA-2026:25090 Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 For more details about the security issues, including the impact, a CVSS scor...

7.5CVSS5.5AI score0.11471EPSS
Exploits7References4
F5 Networks
F5 Networks
added 2026/06/09 1:51 a.m.38 views

K000161639: Apache HTTP Server mod_http2 (HTTP/2 Bomb) vulnerability CVE-2026-49975

Security Advisory Description Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's modhttp leads to denial of service via malicious HTTP requests. This issue affects Apache HTTP Server: from 2.4.17 through 2.4.67. CVE-2026-49975 Impact For products with None in the...

7.5CVSS5.5AI score0.11471EPSS
Exploits7
Rows per page
Query Builder