Lucene search
K

494 matches found

RedHat Linux
RedHat Linux
added 6 days ago4 views

mod_http2: Apache HTTP Server: HTTP/2 DoS by Memory Increase

A flaw was found in Apache HTTP Server. This late release of memory after effective lifetime vulnerability allows a remote, unauthenticated attacker to cause a denial of service DoS. The vulnerability can lead to resource exhaustion, making the server unavailable to legitimate users...

7.5CVSS6.6AI score0.04409EPSS
Exploits1References5
Rockylinux
Rockylinux
added 2026/07/07 12:5 p.m.4 views

mod_http2 security, bug fix, and enhancement update

An update is available for modhttp2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top o...

7.3CVSS6.6AI score0.00525EPSS
Exploits0
OSV
OSV
added 2026/07/07 12:5 p.m.6 views

RLSA-2026:34355 Moderate: mod_http2 security, bug fix, and enhancement update

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: modhttp2: Apache HTTP Server modhttp2: Use After Free vulnerability allows arbitrary code execution or denial of service. CVE-2026-48913 httpd: Apache HTTP Server:...

7.3CVSS6.6AI score0.00525EPSS
Exploits0References3
OSV
OSV
added 2026/07/02 10:17 a.m.5 views

RHSA-2026:34355 Red Hat Security Advisory: mod_http2 security, bug fix, and enhancement update

Bulletin has no description...

7.3CVSS5.7AI score0.00525EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added 2026/07/01 4:54 p.m.7 views

Moderate: Red Hat Security Advisory: mod_http2 security, bug fix, and enhancement update

An update for modhttp2 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.3CVSS6.4AI score0.00525EPSS
Exploits0References3
OSV
OSV
added 2026/07/01 12:0 a.m.4 views

ALSA-2026:34355 Moderate: mod_http2 security, bug fix, and enhancement update

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: modhttp2: Apache HTTP Server modhttp2: Use After Free vulnerability allows arbitrary code execution or denial of service. CVE-2026-48913 httpd: Apache HTTP Server:...

7.3CVSS6.4AI score0.00525EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.11 views

Oracle Linux 9 : mod_http2 (ELSA-2026-22551)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-22551 advisory. - Resolves: RHEL-182417 - modhttp2: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 Tenable has extracted the...

7.5CVSS5.9AI score0.11471EPSS
Exploits9References2
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.6 views

Oracle Linux 9 : mod_http2 (ELSA-2026-25057)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-25057 advisory. - Resolves: RHEL-182417 - modhttp2: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 Tenable has extracted the...

7.5CVSS5.9AI score0.11471EPSS
Exploits8References2
Oracle linux
Oracle linux
added 2026/06/23 12:0 a.m.9 views

mod_http2 security update

2.0.26-6.1 - Resolves: RHEL-182417 - modhttp2: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 2.0.26-6 - Resolves: RHEL-166293 - httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020...

7.5CVSS5.8AI score0.11471EPSS
Exploits9
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.5 views

Amazon Linux 2023 : mod_http2 (ALAS2023-2026-1859)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1859 advisory. Use After Free vulnerability in Apache HTTP Server module modhttp2 when file handles are already exhausted. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.67. CVE-2026-48913...

7.5CVSS5.9AI score0.11471EPSS
Exploits8References6
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.8 views

Amazon Linux 2 : mod_http2, --advisory ALAS2-2026-3372 (ALAS-2026-3372)

The version of modhttp2 installed on the remote host is prior to 2.0.42-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3372 advisory. Denial of service in HTTP/2 cookie request header counting CVE-2026-49975 Tenable has extracted the preceding description block...

7.5CVSS5.9AI score0.11471EPSS
Exploits8References4
Tenable Nessus
Tenable Nessus
added 2026/06/15 12:0 a.m.27 views

AlmaLinux 10 : mod_http2 (ALSA-2026:25225)

The remote AlmaLinux 10 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:25225 advisory. httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 Tenable has extracted the preceding description block...

7.5CVSS5.9AI score0.11471EPSS
Exploits8References3
Rockylinux
Rockylinux
added 2026/06/13 12:3 a.m.18 views

mod_http2 security update

An update is available for modhttp2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of...

7.5CVSS5.5AI score0.11471EPSS
Exploits8
OSV
OSV
added 2026/06/12 12:24 p.m.13 views

OESA-2026-2611 mod_http2 security update

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: A vulnerability was found in Apache HTTP Server Web Server affected version not known. It has been rated as critical.Using CWE to declare the problem leads to CWE-404. Th...

7.5CVSS5.2AI score0.11471EPSS
Exploits8References2
OSV
OSV
added 2026/06/12 10:7 a.m.37 views

RHSA-2026:25225 Red Hat Security Advisory: mod_http2 security update

Bulletin has no description...

7.5CVSS4.8AI score0.11471EPSS
Exploits8References9
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.10 views

RockyLinux 9 : mod_http2 (RLSA-2026:25057)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:25057 advisory. httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 Tenable has extracted the preceding description block...

7.5CVSS5.9AI score0.11471EPSS
Exploits8References3
OSV
OSV
added 2026/06/11 10:9 a.m.7 views

RHSA-2026:25057 Red Hat Security Advisory: mod_http2 security update

Bulletin has no description...

7.5CVSS5.2AI score0.11471EPSS
Exploits8References9
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.27 views

AlmaLinux 9 : mod_http2 (ALSA-2026:25057)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:25057 advisory. httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 Tenable has extracted the preceding description block...

7.5CVSS5.4AI score0.11471EPSS
Exploits8References3
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.20 views

RHEL 10 : mod_http2 (RHSA-2026:25225)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:25225 advisory. The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: HTTP/2: Remot...

7.5CVSS5.5AI score0.11471EPSS
Exploits8References4
RedHat Linux
RedHat Linux
added 2026/06/10 11:31 a.m.37 views

Important: Red Hat Security Advisory: mod_http2 security update

An update for modhttp2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS5.5AI score0.11471EPSS
Exploits8References2
Rows per page
Query Builder