First published: Mon Sep 09 2019(Updated: )
libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 (HTTP/2) protocol in C.<br>Security Fix(es):<br><li> HTTP/2: large amount of data request leads to denial of service (CVE-2019-9511)</li> <li> HTTP/2: flood using PRIORITY frames resulting in excessive resource consumption (CVE-2019-9513)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/nghttp2 | <1.33.0-1.el8_0.1 | 1.33.0-1.el8_0.1 |
redhat/libnghttp2 | <1.33.0-1.el8_0.1 | 1.33.0-1.el8_0.1 |
redhat/libnghttp2 | <1.33.0-1.el8_0.1 | 1.33.0-1.el8_0.1 |
redhat/libnghttp2-debuginfo | <1.33.0-1.el8_0.1 | 1.33.0-1.el8_0.1 |
redhat/libnghttp2-debuginfo | <1.33.0-1.el8_0.1 | 1.33.0-1.el8_0.1 |
redhat/nghttp2-debuginfo | <1.33.0-1.el8_0.1 | 1.33.0-1.el8_0.1 |
redhat/nghttp2-debuginfo | <1.33.0-1.el8_0.1 | 1.33.0-1.el8_0.1 |
redhat/nghttp2-debugsource | <1.33.0-1.el8_0.1 | 1.33.0-1.el8_0.1 |
redhat/nghttp2-debugsource | <1.33.0-1.el8_0.1 | 1.33.0-1.el8_0.1 |
redhat/libnghttp2 | <1.33.0-1.el8_0.1 | 1.33.0-1.el8_0.1 |
redhat/libnghttp2-debuginfo | <1.33.0-1.el8_0.1 | 1.33.0-1.el8_0.1 |
redhat/nghttp2-debuginfo | <1.33.0-1.el8_0.1 | 1.33.0-1.el8_0.1 |
redhat/nghttp2-debugsource | <1.33.0-1.el8_0.1 | 1.33.0-1.el8_0.1 |
redhat/libnghttp2 | <1.33.0-1.el8_0.1.aa | 1.33.0-1.el8_0.1.aa |
redhat/libnghttp2-debuginfo | <1.33.0-1.el8_0.1.aa | 1.33.0-1.el8_0.1.aa |
redhat/nghttp2-debuginfo | <1.33.0-1.el8_0.1.aa | 1.33.0-1.el8_0.1.aa |
redhat/nghttp2-debugsource | <1.33.0-1.el8_0.1.aa | 1.33.0-1.el8_0.1.aa |
redhat/libnghttp2-devel | <1.33.0-1.el8_0.1 | 1.33.0-1.el8_0.1 |
redhat/libnghttp2-devel | <1.33.0-1.el8_0.1 | 1.33.0-1.el8_0.1 |
redhat/nghttp2 | <1.33.0-1.el8_0.1 | 1.33.0-1.el8_0.1 |
redhat/libnghttp2-devel | <1.33.0-1.el8_0.1 | 1.33.0-1.el8_0.1 |
redhat/nghttp2 | <1.33.0-1.el8_0.1 | 1.33.0-1.el8_0.1 |
redhat/libnghttp2-devel | <1.33.0-1.el8_0.1.aa | 1.33.0-1.el8_0.1.aa |
redhat/nghttp2 | <1.33.0-1.el8_0.1.aa | 1.33.0-1.el8_0.1.aa |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.