exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 10

GHSA-q6fc-wp2r-hvq3

больше 3 лет назад

nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Improper Input Validation CWE-20 vulnerability in ALTSVC frame handling that can result in segmentation fault leading to denial of service. This attack appears to be exploitable via network client. This vulnerability appears to have been fixed in >= 1.31.1.

CVSS3: 7.5

EPSS: Низкий

CVE-2018-1000168

больше 7 лет назад

CVSS3: 7.5

EPSS: Низкий

CVE-2018-1000168

больше 7 лет назад

CVSS3: 5.9

EPSS: Низкий

CVE-2018-1000168

больше 7 лет назад

CVSS3: 7.5

EPSS: Низкий

CVE-2018-1000168

больше 4 лет назад

CVSS3: 7.5

EPSS: Низкий

CVE-2018-1000168

больше 7 лет назад

nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Improper ...

CVSS3: 7.5

EPSS: Низкий

openSUSE-SU-2018:1963-1

больше 7 лет назад

Security update for nodejs8

EPSS: Низкий

SUSE-SU-2018:1918-1

больше 7 лет назад

Security update for nodejs8

EPSS: Низкий

SUSE-SU-2021:0932-1

больше 4 лет назад

Security update for nghttp2

EPSS: Низкий

SUSE-SU-2019:14246-1

почти 6 лет назад

Security update for Mozilla Firefox

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
GHSA-q6fc-wp2r-hvq3 nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Improper Input Validation CWE-20 vulnerability in ALTSVC frame handling that can result in segmentation fault leading to denial of service. This attack appears to be exploitable via network client. This vulnerability appears to have been fixed in >= 1.31.1.	CVSS3: 7.5	4% Низкий	больше 3 лет назад
CVE-2018-1000168 nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Improper Input Validation CWE-20 vulnerability in ALTSVC frame handling that can result in segmentation fault leading to denial of service. This attack appears to be exploitable via network client. This vulnerability appears to have been fixed in >= 1.31.1.	CVSS3: 7.5	4% Низкий	больше 7 лет назад
CVE-2018-1000168 nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Improper Input Validation CWE-20 vulnerability in ALTSVC frame handling that can result in segmentation fault leading to denial of service. This attack appears to be exploitable via network client. This vulnerability appears to have been fixed in >= 1.31.1.	CVSS3: 5.9	4% Низкий	больше 7 лет назад
CVE-2018-1000168 nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Improper Input Validation CWE-20 vulnerability in ALTSVC frame handling that can result in segmentation fault leading to denial of service. This attack appears to be exploitable via network client. This vulnerability appears to have been fixed in >= 1.31.1.	CVSS3: 7.5	4% Низкий	больше 7 лет назад
CVE-2018-1000168 nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Improper Input Validation CWE-20 vulnerability in ALTSVC frame handling that can result in segmentation fault leading to denial of service. This attack appears to be exploitable via network client. This vulnerability appears to have been fixed in >= 1.31.1.	CVSS3: 7.5	4% Низкий	больше 4 лет назад
CVE-2018-1000168 nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Improper ...	CVSS3: 7.5	4% Низкий	больше 7 лет назад
openSUSE-SU-2018:1963-1 Security update for nodejs8			больше 7 лет назад
SUSE-SU-2018:1918-1 Security update for nodejs8			больше 7 лет назад
SUSE-SU-2021:0932-1 Security update for nghttp2			больше 4 лет назад
SUSE-SU-2019:14246-1 Security update for Mozilla Firefox			почти 6 лет назад

Уязвимостей на страницу