Количество 30
Количество 30
GHSA-89fc-749h-w2fj
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.
CVE-2019-9511
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.
CVE-2019-9511
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.
CVE-2019-9511
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.
CVE-2019-9511
HTTP/2 Server Denial of Service Vulnerability
CVE-2019-9511
Some HTTP/2 implementations are vulnerable to window size manipulation ...
BDU:2019-03782
Уязвимость реализации сетевого протокола HTTP/2 веб-сервера Apache HTTP Server, связанная с неконтролируемым расходом ресурса, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2019-02994
Уязвимость реализации сетевого протокола HTTP/2 операционных систем Windows, сервера nginx, программной платформы Node.js, позволяющая нарушителю вызвать отказ в обслуживании
openSUSE-SU-2019:2234-1
Security update for nghttp2
openSUSE-SU-2019:2232-1
Security update for nghttp2
SUSE-SU-2019:2473-1
Security update for nghttp2
ELSA-2019-2692
ELSA-2019-2692: nghttp2 security update (IMPORTANT)
openSUSE-SU-2019:2264-1
Security update for nginx
SUSE-SU-2019:2559-1
Security update for nginx
RLSA-2019:2799
Important: nginx:1.14 security update
ELSA-2020-5862
ELSA-2020-5862: olcne nginx security update (IMPORTANT)
ELSA-2020-5859
ELSA-2020-5859: olcne nginx security update (IMPORTANT)
ELSA-2019-2799
ELSA-2019-2799: nginx:1.14 security update (IMPORTANT)
SUSE-SU-2021:0932-1
Security update for nghttp2
openSUSE-SU-2019:2120-1
Security update for nginx
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-89fc-749h-w2fj Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. | CVSS3: 7.5 | 14% Средний | около 3 лет назад |
 | CVE-2019-9511 Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. | CVSS3: 7.5 | 14% Средний | почти 6 лет назад |
 | CVE-2019-9511 Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. | CVSS3: 6.5 | 14% Средний | почти 6 лет назад |
 | CVE-2019-9511 Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. | CVSS3: 7.5 | 14% Средний | почти 6 лет назад |
 | CVE-2019-9511 HTTP/2 Server Denial of Service Vulnerability | CVSS3: 7.5 | 14% Средний | почти 6 лет назад |
| CVE-2019-9511 Some HTTP/2 implementations are vulnerable to window size manipulation ... | CVSS3: 7.5 | 14% Средний | почти 6 лет назад |
 | BDU:2019-03782 Уязвимость реализации сетевого протокола HTTP/2 веб-сервера Apache HTTP Server, связанная с неконтролируемым расходом ресурса, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.5 | 14% Средний | около 6 лет назад |
| BDU:2019-02994 Уязвимость реализации сетевого протокола HTTP/2 операционных систем Windows, сервера nginx, программной платформы Node.js, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.5 | 14% Средний | почти 6 лет назад |
 | openSUSE-SU-2019:2234-1 Security update for nghttp2 | больше 5 лет назад | ||
| openSUSE-SU-2019:2232-1 Security update for nghttp2 | больше 5 лет назад | ||
| SUSE-SU-2019:2473-1 Security update for nghttp2 | больше 5 лет назад | ||
| ELSA-2019-2692 ELSA-2019-2692: nghttp2 security update (IMPORTANT) | почти 6 лет назад | ||
| openSUSE-SU-2019:2264-1 Security update for nginx | больше 5 лет назад | ||
| SUSE-SU-2019:2559-1 Security update for nginx | больше 5 лет назад | ||
 | RLSA-2019:2799 Important: nginx:1.14 security update | почти 6 лет назад | ||
| ELSA-2020-5862 ELSA-2020-5862: olcne nginx security update (IMPORTANT) | больше 4 лет назад | ||
| ELSA-2020-5859 ELSA-2020-5859: olcne nginx security update (IMPORTANT) | больше 4 лет назад | ||
| ELSA-2019-2799 ELSA-2019-2799: nginx:1.14 security update (IMPORTANT) | почти 6 лет назад | ||
| SUSE-SU-2021:0932-1 Security update for nghttp2 | около 4 лет назад | ||
| openSUSE-SU-2019:2120-1 Security update for nginx | почти 6 лет назад |
Уязвимостей на страницу