9 matches found
CVE-2023-44487
CVE-2023-44487 – HTTP/2 Rapid Reset DoS Root cause: HTTP/2 stream resets can cause servers to continue processing, leading to unbounded resource consumption and potential DoS when clients rapidly cancel streams. What’s affected: Various HTTP/2 implementations and deployments, including servers, p...
CVE-2020-11080
In nghttp2, CVE-2020-11080 is a denial-of-service vulnerability caused by an overly large HTTP/2 SETTINGS frame payload in versions before 1.41.0. A PoC repeatedly sends a 14,400-byte SETTINGS frame (2400 settings entries), spiking CPU. The issue is mitigated by upgrading to nghttp2 1.41.0 or lat...
CVE-2024-28182
CVE-2024-28182 affects nghttp2
CVE-2023-35945
CVE-2023-35945 affects Envoy’s HTTP/2 codec. The root cause is in nghttp2 cleanup: after RST_STREAM and subsequent GOAWAY, cleanup of pending requests skips deallocation, leaking header/bookkeeping structures and causing memory exhaustion (DoS). Patched in these versions: 1.26.3, 1.25.8, 1.24.9, ...
CVE-2018-1000168
CVE-2018-1000168 affects nghttp2 versions 1.10.0 through 1.31.0, where an improper input validation in ALTSVC frame handling can cause a segmentation fault and denial of service. The vulnerability is exploitable via network clients. Public advisories confirm the issue is fixed in nghttp2 >= 1....
CVE-2026-27135
CVE-2026-27135 affects the nghttp2 library (C). Before version 1.68.1, when applications call the public APIs nghttp2_session_terminate_session or nghttp2_session_terminate_session2, the library fails to validate internal state and continues reading the incoming data. This can cause a malformed f...
CVE-2015-8659
CVE-2015-8659 describes a heap-use-after-free in nghttp2’s idle stream handling, affecting nghttp2 versions prior to 1.6.0. Public documents associate this family of issue with nghttp2 prior to 1.6.0 potentially enabling remote code execution (as cited by Apple’s tvOS/iOS security notes and Gento...
CVE-2026-58055
nghttp2 nghttpx (up to version 1.69.0) is affected. The proxy forwards an HTTP/1.1 Upgrade request that also carries a Content-Length header and body to reusable keep-alive backend connections, re-adding Upgrade and Connection headers while passing Content-Length verbatim. This creates an ambiguo...
CVE-2016-1544
CVE-2016-1544 affects nghttp2 up to version 1.7.0, where remote attackers could exhaust memory by sending unlimited incoming HTTP header fields, causing Denial of Service. Connected documents confirm the root cause as unbounded header field processing and show remediation through upgrading to ngh...