Lucene search
+L

1090 matches found

OSV
OSV
added 2026/04/17 10:9 a.m.7 views

RHSA-2026:8540 Red Hat Security Advisory: nghttp2 security update

Bulletin has no description...

7.5CVSS7AI score0.00775EPSS
Exploits0References9
OSV
OSV
added 2026/04/17 10:9 a.m.7 views

RHSA-2026:8538 Red Hat Security Advisory: nghttp2 security update

Bulletin has no description...

7.5CVSS7AI score0.00775EPSS
Exploits0References9
OSV
OSV
added 2026/04/17 10:9 a.m.8 views

RHSA-2026:8539 Red Hat Security Advisory: nghttp2 security update

Bulletin has no description...

7.5CVSS5.6AI score0.00775EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.5 views

MiracleLinux 9 : nodejs:22 (AXSA:2026-446:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-446:01 advisory. brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion CVE-2026-25547 minimatch: minimatch: Denial of Service via...

9.8CVSS7.4AI score0.26356EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.7 views

Oracle Linux 9 : nodejs:24 (ELSA-2026-7350)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-7350 advisory. nodejs 1:24.14.1-2 - Update bundled nghttp2 to 1.68.1 1:24.14.1-1 - Update to version 24.14.1 nodejs-nodemon 3.0.3-3 - Keep BR on just npm 3.0.3-2 - Fi...

9.8CVSS6.7AI score0.26356EPSS
Exploits1References19
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.6 views

Oracle Linux 9 : nodejs:22 (ELSA-2026-7302)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-7302 advisory. - introduced patch updating deps/nghttp2 to v 1.68.1 for CVE-2026-27135 - patch for npm/braces CVE-2026-25547 Resolves: RHEL-163369 Fixes: CVE-2026-152...

9.8CVSS5.9AI score0.26356EPSS
Exploits5References10
Oracle linux
Oracle linux
added 2026/04/17 12:0 a.m.9 views

nodejs:20 security update

nodejs 1:20.20.2-1 - Update to version 20.20.2 - Patch nghttp2 to version 1.68.1 and disable tests which would fail due to this change. Resolves: RHEL-154018 Fixes: CVE-2026-27135 CVE-2026-27904 CVE-2026-26996 CVE-2026-25547 CVE-2026-21710 nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 - Resolves:...

8.7CVSS5.7AI score0.26356EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.7 views

MiracleLinux 8 : nghttp2-1.33.0-6.el8_10.2 (AXSA:2026-443:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-443:02 advisory. nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination CVE-2026-27135 Tenable has extracted the preceding description block...

7.5CVSS7.2AI score0.00775EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/16 8:1 p.m.8 views

nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination

A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service...

7.5CVSS7AI score0.00775EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/16 8:1 p.m.11 views

Important: Red Hat Security Advisory: nghttp2 security update

An update for nghttp2 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS7.1AI score0.00775EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/16 7:57 p.m.13 views

Important: Red Hat Security Advisory: nghttp2 security update

An update for nghttp2 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS7.1AI score0.00775EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/16 7:57 p.m.10 views

nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination

A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service...

7.5CVSS7AI score0.00775EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/16 7:46 p.m.15 views

nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination

A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service...

7.5CVSS7AI score0.00775EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/16 7:46 p.m.10 views

Important: Red Hat Security Advisory: nghttp2 security update

An update for nghttp2 is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS7.1AI score0.00775EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/16 7:28 p.m.6 views

nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination

A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service...

7.5CVSS7AI score0.00775EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/16 7:28 p.m.16 views

Important: Red Hat Security Advisory: nghttp2 security update

An update for nghttp2 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS7.1AI score0.00775EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/16 6:50 p.m.8 views

nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination

A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service...

7.5CVSS7AI score0.00775EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/16 6:50 p.m.12 views

Important: Red Hat Security Advisory: nghttp2 security update

An update for nghttp2 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

7.5CVSS7.1AI score0.00775EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/16 6:48 p.m.11 views

Important: Red Hat Security Advisory: nghttp2 security update

An update for nghttp2 is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

7.5CVSS7.1AI score0.00775EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/16 6:48 p.m.10 views

nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination

A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service...

7.5CVSS7AI score0.00775EPSS
Exploits0References6
Rows per page
Query Builder