Описание
The idle stream handling in nghttp2 before 1.6.0 allows attackers to have unspecified impact via unknown vectors, aka a heap-use-after-free bug.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 1.25.0-1 |
| devel | not-affected | 1.29.0-1 |
| esm-apps/xenial | not-affected | 1.7.1-1 |
| esm-infra-legacy/trusty | DNE | |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 1.6.0-1 |
| vivid | ignored | end of life |
Показывать по
10 Critical
CVSS2
10 Critical
CVSS3
Связанные уязвимости
The idle stream handling in nghttp2 before 1.6.0 allows attackers to have unspecified impact via unknown vectors, aka a heap-use-after-free bug.
The idle stream handling in nghttp2 before 1.6.0 allows attackers to h ...
The idle stream handling in nghttp2 before 1.6.0 allows attackers to have unspecified impact via unknown vectors, aka a heap-use-after-free bug.
Уязвимость библиотеки nghttp2, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
10 Critical
CVSS2
10 Critical
CVSS3