1079 matches found
EulerOS 2.0 SP11 : nghttp2 (EulerOS-SA-2026-2256)
According to the versions of the nghttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the...
EulerOS 2.0 SP11 : nghttp2 (EulerOS-SA-2026-2219)
According to the versions of the nghttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the...
Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-11.0.1.2)
The version of AHV installed on the remote host is prior to AHV-11.0.1.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-11.0.1.2 advisory. - Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStreamconc...
EulerOS Virtualization 2.12.0 : nghttp2 (EulerOS-SA-2026-2107)
According to the versions of the nghttp2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops...
EulerOS Virtualization 2.12.1 : nghttp2 (EulerOS-SA-2026-2082)
According to the versions of the nghttp2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops...
EulerOS Virtualization 2.10.0 : nghttp2 (EulerOS-SA-2026-2057)
According to the versions of the nghttp2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops...
EulerOS Virtualization 2.10.1 : nghttp2 (EulerOS-SA-2026-2030)
According to the versions of the nghttp2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.43 bug fix and security update
Red Hat OpenShift Container Platform release 4.18.43 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...
CVE-2026-10117
A weakness has been identified in Open5GS up to 2.7.7. This issue affects the function ogspoolidcalloc in the library /lib/sbi/nghttp2-server.c. Executing a manipulation can lead to denial of service. The attack may be launched remotely. The exploit has been made available to the public and could...
CVE-2026-10117
A weakness has been identified in Open5GS up to 2.7.7. This issue affects the function ogspoolidcalloc in the library /lib/sbi/nghttp2-server.c. Executing a manipulation can lead to denial of service. The attack may be launched remotely. The exploit has been made available to the public and could...
CVE-2026-10117
A weakness has been identified in Open5GS up to 2.7.7. This issue affects the function ogspoolidcalloc in the library /lib/sbi/nghttp2-server.c. Executing a manipulation can lead to denial of service. The attack may be launched remotely. The exploit has been made available to the public and could...
CVE-2026-10117 Open5GS nghttp2-server.c ogs_pool_id_calloc denial of service
A weakness has been identified in Open5GS up to 2.7.7. This issue affects the function ogspoolidcalloc in the library /lib/sbi/nghttp2-server.c. Executing a manipulation can lead to denial of service. The attack may be launched remotely. The exploit has been made available to the public and could...
CVE-2026-10117
The CVE concerns Open5GS up to 2.7.7. The issue affects the ogs_pool_id_calloc function in /lib/sbi/nghttp2-server.c. A manipulation can remotely trigger a denial of service. Public exploit availability is noted. Remediation guidance: apply the official patch/update to resolve the vulnerability (...
CVE-2026-10117 Open5GS nghttp2-server.c ogs_pool_id_calloc denial of service
A weakness has been identified in Open5GS up to 2.7.7. This issue affects the function ogspoolidcalloc in the library /lib/sbi/nghttp2-server.c. Executing a manipulation can lead to denial of service. The attack may be launched remotely. The exploit has been made available to the public and could...
PT-2026-45094
A weakness has been identified in Open5GS up to 2.7.7. This issue affects the function ogs pool id calloc in the library /lib/sbi/nghttp2-server.c. Executing a manipulation can lead to denial of service. The attack may be launched remotely. The exploit has been made available to the public and...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.19.32 bug fix and security update
Red Hat OpenShift Container Platform release 4.19.32 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.19. Red Hat Product Security has rated this update as having a...
TencentOS Server 3: nghttp2 (TSSA-2026:0385)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0385 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.17.54 bug fix and security update
Red Hat OpenShift Container Platform release 4.17.54 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...
Astra Linux – Vulnerability in nghttp2
nghttp2 is an implementation of the Hypertext Transfer Protocol Version 2 in C. The nghttp2 library prior to version 1.61.0 continued to read an unlimited number of HTTP/2 CONTINUATION frames even after a stream was reset, in order to keep the HPACK context synchronized. This caused excessive CPU...
Astra Linux – Vulnerability in Apache2
HTTP/2 incoming headers that exceed the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client continues to send headers, this can lead to memory exhaustion...