curl: HTTP/2 PUSH_PROMISE DoS

Vulnerability description not provided...

FreeBSD : nghttp2 -- multiple vulnerabilities (121fec01-c042-11e9-a73f-b36f5969f162) (Data Dribble) (Resource Loop)

nghttp2 GitHub releases : This release fixes CVE-2019-9511 'Data Dribble' and CVE-2019-9513 'Resource Loop' vulnerability in nghttpx and nghttpd. Specially crafted HTTP/2 frames cause Denial of Service by consuming CPU time. Check out...

nghttp2 -- multiple vulnerabilities

nghttp2 GitHub releases: This release fixes CVE-2019-9511 "Data Dribble" and CVE-2019-9513 "Resource Loop" vulnerability in nghttpx and nghttpd. Specially crafted HTTP/2 frames cause Denial of Service by consuming CPU time. Check out...

Fedora 23 : nghttp2-1.7.1-1.fc23 (2016-ac861a840e)

CVE-2016-1544: Out of memory in nghttpd, nghttp, and libnghttp2asio applications due to unlimited incoming HTTP header fields: https://github.com/tatsuhiro-t/nghttp2/releases/tag/v1.7.1 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

nghttp2 -- Out of memory in nghttpd, nghttp, and libnghttp2_asio

Nghttp2 reports: Out of memory in nghttpd, nghttp, and libnghttp2asio applications due to unlimited incoming HTTP header fields. nghttpd, nghttp, and libnghttp2asio applications do not limit the memory usage for the incoming HTTP header field. If peer sends specially crafted HTTP/2 HEADERS frames...