Lucene search
K

1079 matches found

RedHat Linux
RedHat Linux
added 2026/04/20 2:56 a.m.10 views

Important: Red Hat Security Advisory: nghttp2 security update

An update for nghttp2 is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

7.5CVSS7.1AI score0.00775EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/19 12:0 a.m.7 views

MiracleLinux 8 : nodejs:24 (AXSA:2026-465:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-465:01 advisory. nodejs: Nodejs denial of service CVE-2026-21637 minimatch: minimatch: Denial of Service via specially crafted glob patterns CVE-2026-26996 undici:...

9.8CVSS7AI score0.26356EPSS
Exploits1References18
Tenable Nessus
Tenable Nessus
added 2026/04/19 12:0 a.m.6 views

Oracle Linux 8 : nodejs:20 (ELSA-2026-8339)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-8339 advisory. - Patch nghttp2 to version 1.68.1 and disable tests which would fail due to this change. Resolves: RHEL-154018 Fixes: CVE-2026-27135 CVE-2026-27904...

9.2CVSS6.7AI score0.26356EPSS
Exploits5References5
Tenable Nessus
Tenable Nessus
added 2026/04/19 12:0 a.m.4 views

MiracleLinux 8 : nodejs:20 (AXSA:2026-464:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-464:01 advisory. minimatch: minimatch: Denial of Service via specially crafted glob patterns CVE-2026-26996 minimatch: Minimatch: Denial of Service via catastrophic...

8.7CVSS7.4AI score0.26356EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2026/04/19 12:0 a.m.7 views

MiracleLinux 9 : nodejs:20 (AXSA:2026-452:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-452:01 advisory. minimatch: minimatch: Denial of Service via specially crafted glob patterns CVE-2026-26996 minimatch: Minimatch: Denial of Service via catastrophic...

8.7CVSS7.4AI score0.26356EPSS
Exploits2References5
OSV
OSV
added 2026/04/17 10:9 a.m.6 views

RHSA-2026:8547 Red Hat Security Advisory: nghttp2 security update

Bulletin has no description...

7.5CVSS5.6AI score0.00775EPSS
Exploits0References9
OSV
OSV
added 2026/04/17 10:9 a.m.5 views

RHSA-2026:8548 Red Hat Security Advisory: nghttp2 security update

Bulletin has no description...

7.5CVSS7AI score0.00775EPSS
Exploits0References9
OSV
OSV
added 2026/04/17 10:9 a.m.6 views

RHSA-2026:8545 Red Hat Security Advisory: nghttp2 security update

Bulletin has no description...

7.5CVSS5.6AI score0.00775EPSS
Exploits0References9
OSV
OSV
added 2026/04/17 10:9 a.m.8 views

RHSA-2026:8546 Red Hat Security Advisory: nghttp2 security update

Bulletin has no description...

7.5CVSS7AI score0.00775EPSS
Exploits0References9
OSV
OSV
added 2026/04/17 10:9 a.m.6 views

RHSA-2026:8540 Red Hat Security Advisory: nghttp2 security update

Bulletin has no description...

7.5CVSS7AI score0.00775EPSS
Exploits0References9
OSV
OSV
added 2026/04/17 10:9 a.m.5 views

RHSA-2026:8541 Red Hat Security Advisory: nghttp2 security update

Bulletin has no description...

7.5CVSS7AI score0.00775EPSS
Exploits0References9
OSV
OSV
added 2026/04/17 10:9 a.m.7 views

RHSA-2026:8539 Red Hat Security Advisory: nghttp2 security update

Bulletin has no description...

7.5CVSS5.6AI score0.00775EPSS
Exploits0References9
OSV
OSV
added 2026/04/17 10:9 a.m.7 views

RHSA-2026:8538 Red Hat Security Advisory: nghttp2 security update

Bulletin has no description...

7.5CVSS7AI score0.00775EPSS
Exploits0References9
Oracle linux
Oracle linux
added 2026/04/17 12:0 a.m.9 views

nodejs:20 security update

nodejs 1:20.20.2-1 - Update to version 20.20.2 - Patch nghttp2 to version 1.68.1 and disable tests which would fail due to this change. Resolves: RHEL-154018 Fixes: CVE-2026-27135 CVE-2026-27904 CVE-2026-26996 CVE-2026-25547 CVE-2026-21710 nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 - Resolves:...

8.7CVSS5.7AI score0.26356EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.7 views

MiracleLinux 8 : nghttp2-1.33.0-6.el8_10.2 (AXSA:2026-443:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-443:02 advisory. nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination CVE-2026-27135 Tenable has extracted the preceding description block...

7.5CVSS7.2AI score0.00775EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.6 views

Oracle Linux 9 : nodejs:22 (ELSA-2026-7302)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-7302 advisory. - introduced patch updating deps/nghttp2 to v 1.68.1 for CVE-2026-27135 - patch for npm/braces CVE-2026-25547 Resolves: RHEL-163369 Fixes: CVE-2026-152...

9.8CVSS5.9AI score0.26356EPSS
Exploits5References10
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.7 views

Oracle Linux 9 : nodejs:24 (ELSA-2026-7350)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-7350 advisory. nodejs 1:24.14.1-2 - Update bundled nghttp2 to 1.68.1 1:24.14.1-1 - Update to version 24.14.1 nodejs-nodemon 3.0.3-3 - Keep BR on just npm 3.0.3-2 - Fi...

9.8CVSS6.7AI score0.26356EPSS
Exploits1References19
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.5 views

MiracleLinux 9 : nodejs:22 (AXSA:2026-446:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-446:01 advisory. brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion CVE-2026-25547 minimatch: minimatch: Denial of Service via...

9.8CVSS7.4AI score0.26356EPSS
Exploits2References10
RedHat Linux
RedHat Linux
added 2026/04/16 8:1 p.m.10 views

Important: Red Hat Security Advisory: nghttp2 security update

An update for nghttp2 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS7.1AI score0.00775EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/16 8:1 p.m.8 views

nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination

A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service...

7.5CVSS7AI score0.00775EPSS
Exploits0References6
Rows per page
Query Builder