rpm package
suse/nghttp2&distro=SUSE Linux Enterprise Server 15-LTSS
pkg:rpm/suse/nghttp2&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSS
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-11080 | — | < 1.40.0-3.11.1 | 1.40.0-3.11.1 | Jun 3, 2020 | In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries) over and over again. T |
- CVE-2020-11080Jun 3, 2020affected < 1.40.0-3.11.1fixed 1.40.0-3.11.1
In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries) over and over again. T