28 matches found
RHEL 7 : rh-nginx114-nginx (RHSA-2018:3681)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3681 advisory. - nginx: Excessive memory consumption via flaw in HTTP/2 implementation CVE-2018-16843 - nginx: Excessive CPU usage via flaw in HTTP/2...
Nginx Plus R1 < R15-P2 / R16 < R16-P1 Multiple Vulnerabilities
According to it's self reported version, the installed version of Nginx Plus is R1 built on Open Source version 1.5.3-1 prior to R15-P2 or R16 built on Open Source version 1.15.2 prior to R16-P1. It is, therefore, affected by the following issues : - An unspecified error exists related to the...
Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - nginx (CVE-2018-16844, CVE-2018-16845, CVE-2018-16843, CVE-2019-7401)
Summary Security Vulnerabilities affect IBM Cloud Private - nginx Vulnerability Details CVEID: CVE-2018-16844 DESCRIPTION: nginx is vulnerable to a denial of service, caused by a flaw when complied with ngxhttpv2module. By sending a specially-crafted HTTP/2 request, a remote attacker could exploi...
Mageia: Security Advisory (MGASA-2018-0459)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
About the security content of Xcode 13
About the security content of Xcode 13 This document describes the security content of Xcode 13. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recen...
SUSE: Security Advisory (SUSE-SU-2019:0334-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Nginx Vulnerabilities Jul 2017 - Oct 2019
Summary Symantec SWG products using affected versions of Nginx may be susceptible to multiple Nginx vulnerabilities. A remote attacker can use crafted requests to obtain sensitive information or cause denial of service. An attacker can also obtain sensitive information or cause denial of service ...
Huawei EulerOS: Security Advisory for nginx (EulerOS-SA-2019-2084)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for nginx (openSUSE-SU-2019:2120-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : nginx (openSUSE-2019-2120) (0-Length Headers Leak) (Data Dribble) (Resource Loop)
This update for nginx fixes the following issues : Security issues fixed : - CVE-2019-9511: Fixed a denial of service by manipulating the window size and stream prioritization bsc1145579. - CVE-2019-9513: Fixed a denial of service caused by resource loops bsc1145580. - CVE-2019-9516: Fixed a deni...
Security Bulletin: API Connect V2018 is impacted by a vulnerability in nginx (CVE-2018-16843 CVE-2018-16844)
Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2018-16843 DESCRIPTION: nginx is vulnerable to a denial of service, caused by a flaw when complied with ngxhttpv2module. By sending a specially-crafted HTTP/2 request, a remote attacker could explo...
Nginx 1.15.x < 1.15.6 Multiple Vulnerabilties
According to its Server response header, the installed version of nginx is 1.x prior to 1.14.1 or 1.15.x prior to 1.15.6. It is, therefore, affected by the following issues : - An unspecified error exists related to the module 'ngxhttpv2module' that allows excessive memory usage. CVE-2018-16843 -...
Nginx 1.x < 1.14.1 Multiple Vulnerabilties
According to its Server response header, the installed version of nginx is 1.x prior to 1.14.1 or 1.15.x prior to 1.15.6. It is, therefore, affected by the following issues : - An unspecified error exists related to the module 'ngxhttpv2module' that allows excessive memory usage. CVE-2018-16843 -...
openSUSE: Security Advisory for nginx (openSUSE-SU-2019:0195-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : nginx (openSUSE-2019-195)
This update for nginx fixes the following issues : nginx was updated to 1.14.2 : - Bugfix: nginx could not be built on Fedora 28 Linux. - Bugfix: in handling of client addresses when using unix domain listen sockets to work with datagrams on Linux. - Change: the logging level of the 'http request...
Fedora 29 : 1:nginx (2018-7c540fdab4)
Security fix for CVE-2018-16843, CVE-2018-16844, CVE-2018-16845 + nginx rebase to 1.14.1. ---- New version 1.14.1 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and forma...
Amazon Linux AMI : nginx (ALAS-2018-1125)
nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. This issue affects nginx compiled with the ngxhttpv2module not compiled by default if the 'http2' option of the 'listen' directive is used in a configuratio...
Important: Red Hat Security Advisory: rh-nginx114-nginx security update
An update for rh-nginx114-nginx is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: rh-nginx112-nginx security update
An update for rh-nginx112-nginx is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
[SECURITY] [DSA 4335-1] nginx security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4335-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 08, 2018 https://www.debian.org/security/faq -...