Lucene search
Nghttp2 Security Vulnerabilities - 2020
cve
nghttp2 before 1.7.1 allows remote attackers to cause a denial of service (memory exhaustion).
3.3CVSS
4AI Score
0.001EPSS
2020-02-06 03:15 PM
45
cve
In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries) over and over again. The attack causes th...
7.5CVSS
7.7AI Score
0.012EPSS
2020-06-03 11:15 PM
446
3