43 matches found
EUVD-2019-18886
Malware in sbrugna...
EUVD-2019-8537
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-9513
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and...
Rocky Linux 8 : nginx:1.14 (RLSA-2019:2799)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2019:2799 advisory. - Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of...
K02591030: HTTP/2 vulnerabilities CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, and CVE-2019-9517
Security Advisory Description CVE-2019-9511 Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They...
SUSE CVE-2019-18836
Envoy 1.12.0 allows a remote denial of service because of resource loops, as demonstrated by a single idle TCP connection being able to keep a worker thread in an infinite busy loop when continueonlistenerfilterstimeout is used."...
SUSE: Security Advisory (SUSE-SU-2019:2309-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Juniper Junos OS Multiple DoS Vulnerabilities (JSA11167)
The version of Junos OS installed on the remote host is affected by multiple denial of service vulnerabilities as referenced in the JSA11167 advisory: - Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial o...
SUSE-SU-2021:0932-1 Security update for nghttp2
This update for nghttp2 fixes the following issues: Security issues fixed: - CVE-2020-11080: HTTP/2 Large Settings Frame DoS bsc1181358. - CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to resource loops, potentially leading to a denial of service bsc1146184. - CVE-2019-9511: Fixed...
EulerOS 2.0 SP3 : nginx (EulerOS-SA-2021-1101)
According to the versions of the nginx package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of...
EulerOS 2.0 SP2 : nginx (EulerOS-SA-2020-2372)
According to the versions of the nginx package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of...
SUSE SLES12 Security Update : nodejs12 (SUSE-SU-2020:0059-1) (0-Length Headers Leak) (Data Dribble) (Empty Frames Flood) (Internal Data Buffering) (Ping Flood) (Reset Flood) (Resource Loop) (Settings Flood)
This update for nodejs12 fixes the following issues : Update to LTS release 12.13.0 jscSLE-8947. Security issues fixed : CVE-2019-9511: Fixed the HTTP/2 implementation that was vulnerable to window size manipulations bsc1146091. CVE-2019-9512: Fixed the HTTP/2 implementation that was vulnerable t...
openSUSE: Security Advisory for nghttp2 (openSUSE-SU-2019:2232-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2019-18836
Envoy 1.12.0 allows a remote denial of service because of resource loops, as demonstrated by a single idle TCP connection being able to keep a worker thread in an infinite busy loop when continueonlistenerfilterstimeout is used."...
CVE-2019-18836
Envoy 1.12.0 allows a remote denial of service because of resource loops, as demonstrated by a single idle TCP connection being able to keep a worker thread in an infinite busy loop when continueonlistenerfilterstimeout is used."...
Design/Logic Flaw
Envoy 1.12.0 allows a remote denial of service because of resource loops, as demonstrated by a single idle TCP connection being able to keep a worker thread in an infinite busy loop when continueonlistenerfilterstimeout is used."...
CVE-2019-18836
Envoy 1.12.0 allows a remote denial of service because of resource loops, as demonstrated by a single idle TCP connection being able to keep a worker thread in an infinite busy loop when continueonlistenerfilterstimeout is used."...
Important: nghttp2
Issue Overview: Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and...
openSUSE: Security Advisory for nginx (openSUSE-SU-2019:2264-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLES15 Security Update : nginx (SUSE-SU-2019:2559-1) (0-Length Headers Leak) (Data Dribble) (Resource Loop)
This update for nginx fixes the following issues : Security issues fixed : CVE-2019-9511: Fixed a denial of service by manipulating the window size and stream prioritization bsc1145579. CVE-2019-9513: Fixed a denial of service caused by resource loops bsc1145580. CVE-2019-9516: Fixed a denial of...