Lucene search
+L

4 matches found

OSV
OSV
added 2026/07/08 6:3 p.m.5 views

RLSA-2026:36639 Important: nginx:1.26 security, bug fix, and enhancement update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Arbitrary code execution or Denial of Service via heap-based buffer overflow with crafted HTTP/2 headers CVE-2026-42055 Bug Fixes...

8.1CVSS7.3AI score0.03552EPSS
Exploits1References2
AlmaLinux
AlmaLinux
added 2026/07/08 12:0 a.m.6 views

Important: nginx:1.24 security, bug fix, and enhancement update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Arbitrary code execution or Denial of Service via heap-based buffer overflow with crafted HTTP/2 headers CVE-2026-42055 Bug Fixes...

9.2CVSS7.9AI score0.03552EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/06/09 2:27 a.m.15 views

SUSE CVE-2026-10725

Protocol::HTTP2 versions before 1.13 for Perl is vulnerable to a HTTP/2 Bomb. Protocol::HTTP2's inbound HPACK path has no header-list size limit, so a small HTTP/2 request can expand into large server memory the "HTTP/2 bomb". The headersdecode method materialises a full key+value copy per indexe...

7.5CVSS5.7AI score0.00414EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/06 12:0 a.m.38 views

PT-2026-47148

Name of the Vulnerable Software and Affected Versions Protocol::HTTP2 versions prior to 1.13 Description The software is susceptible to an HTTP/2 Bomb, where a small request can expand into large server memory consumption. This occurs because the inbound HPACK path lacks a header-list size limit...

7.5CVSS5.7AI score0.00414EPSS
Exploits0References26
Rows per page
Query Builder