PT-2018-2562 · Nginx +4 · Nginx +4

Name of the Vulnerable Software and Affected Versions: nginx versions 1.14.0 through 1.14.1 nginx versions 1.15.0 through 1.15.6 Description: The issue is related to the implementation of HTTP/2 in nginx, which can lead to excessive CPU usage. This problem affects nginx compiled with the ngx http...

The vulnerability of the HTTP/2 module of the Apache Traffic Server allows attackers to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the HTTP/2 module in the Apache Traffic Server exists due to improper handling of HTTP/2 requests. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of data...

The vulnerability of the HTTP/2 module of the Apache Traffic Server allows attackers to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the HTTP/2 module in the Apache Traffic Server exists due to improper handling of HTTP/2 requests. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of data...

BSA-2017-105

Security Advisory ID : BSA-2017-105 Component : Apache HTTPD Revision : 2.0: Final The Apache HTTP Server 2.4.18 through 2.4.20, when modhttp2 and modssl are enabled, does not properly recognize the "SSLVerifyClient require" directive for HTTP/2 request authorization, which allows remote attacker...

PT-2016-7559

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.17 through 2.4.23 Description The issue is related to the mod http2 module in the Apache HTTP Server, which does not restrict request-header length when the Protocols configuration includes h2 or h2c. This allow...