nginx prior to 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the 'listen' directive is used in a configuration file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
f5 nginx |
||
debian debian linux 9.0 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 18.04 |
||
canonical ubuntu linux 18.10 |
||
opensuse leap 15.1 |
||
apple xcode |