Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.10 views

EulerOS 2.0 SP15 : nghttp2 (EulerOS-SA-2026-2453)

According to the versions of the nghttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the...

7.5CVSS7.1AI score0.00775EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.6 views

Oracle Linux 9 : nodejs:22 (ELSA-2026-7302)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-7302 advisory. - introduced patch updating deps/nghttp2 to v 1.68.1 for CVE-2026-27135 - patch for npm/braces CVE-2026-25547 Resolves: RHEL-163369 Fixes: CVE-2026-152...

9.8CVSS5.9AI score0.26356EPSS
Exploits5References10
RedHat Linux
RedHat Linux
added 2026/04/16 7:28 p.m.15 views

Important: Red Hat Security Advisory: nghttp2 security update

An update for nghttp2 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS7.1AI score0.00775EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.4 views

RockyLinux 8 : nghttp2 (RLSA-2026:7667)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:7667 advisory. nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination CVE-2026-27135 Tenable has extracted the preceding description block...

7.5CVSS5.9AI score0.00775EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.8 views

Amazon Linux 2 : nghttp2, --advisory ALAS2-2026-3232 (ALAS-2026-3232)

The version of nghttp2 installed on the remote host is prior to 1.41.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3232 advisory. nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops...

7.5CVSS5.9AI score0.00775EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/04/13 2:25 a.m.13 views

Important: Red Hat Security Advisory: nghttp2 security update

An update for nghttp2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.5CVSS6.7AI score0.00775EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2026/04/03 12:0 a.m.6 views

SUSE: Security Advisory (SUSE-SU-2026:20925-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.9AI score0.00775EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2026/03/26 12:39 p.m.4 views

Security update for nghttp2

This update for nghttp2 fixes the following issues: CVE-2026-27135: Assertion failure due to missing state validation can lead to DoS bsc1259845. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...

8.2CVSS5.8AI score0.00775EPSS
Exploits0References4
OSV
OSV
added 2026/03/26 12:39 p.m.1 views

SUSE-SU-2026:1074-1 Security update for nghttp2

This update for nghttp2 fixes the following issues: - CVE-2026-27135: Assertion failure due to missing state validation can lead to DoS bsc1259845...

7.5CVSS5.9AI score0.00775EPSS
Exploits0References3
CBLMariner
CBLMariner
added 2026/03/25 10:53 p.m.6 views

CVE-2026-27135 affecting package nghttp2 for versions less than 1.61.0-3

CVE-2026-27135 affecting package nghttp2 for versions less than 1.61.0-3. A patched version of the package is available...

7.5CVSS5.8AI score0.00775EPSS
Exploits0
Rows per page
Query Builder