| Max CVSS | 7.8 | Min CVSS | 5.8 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-9511 | 7.8 |
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. T
|
12-08-2022 - 18:43 | 13-08-2019 - 21:15 | |
| CVE-2019-9513 | 7.8 |
Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the
|
12-08-2022 - 18:41 | 13-08-2019 - 21:15 | |
| CVE-2019-9516 | 6.8 |
Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater h
|
05-08-2022 - 14:52 | 13-08-2019 - 21:15 | |
| CVE-2018-16845 | 5.8 |
nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using
|
22-02-2022 - 19:27 | 07-11-2018 - 14:29 | |
| CVE-2018-16843 | 7.8 |
nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option
|
22-02-2022 - 19:27 | 07-11-2018 - 14:29 | |
| CVE-2018-16844 | 7.8 |
nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the '
|
22-02-2022 - 19:27 | 07-11-2018 - 14:29 |