Lucene search
F5F5:K28902827HistoryOct 04, 2018 - 12:00 a.m.
K28902827 : Apache mod_http2 vulnerability CVE-2018-11763
2018-10-0400:00:00
my.f5.com
22
Security Advisory Description
In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol. (CVE-2018-11763)
Impact
There is no impact; F5 products are not affected by this vulnerability.
Related
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2018:3101-1)
2021-06-09 00:00:00
Fedora Update for mod_http2 FEDORA-2018-6ffb18592f
2018-10-16 00:00:00
nessus
nessus
openSUSE Security Update : apache2 (openSUSE-2019-791)
2019-03-27 00:00:00
SUSE SLES12 Security Update : apache2 (SUSE-SU-2018:3582-1)
2018-10-31 00:00:00
SUSE SLES12 Security Update : apache2 (SUSE-SU-2018:3582-2)
2018-12-06 00:00:00
freebsd
freebsd
Apache -- Denial of service vulnerability in HTTP/2
2018-09-25 00:00:00
httpd
httpd
Apache Httpd < 2.4.35 : DoS for HTTP/2 connections by continuous SETTINGS
2018-07-18 00:00:00
nvd
nvd
CVE-2018-11763
2018-09-25 21:29:00
suse
suse
Security update for apache2 (important)
2018-10-17 06:14:48
Security update for apache2 (important)
2018-11-10 00:25:46
Security update for virtualbox (important)
2019-01-25 00:00:00
osv
osv
CVE-2018-11763
2018-09-25 21:29:00
redhatcve
redhatcve
CVE-2018-11763
2019-12-21 09:33:40
kaspersky
kaspersky
KLA12363 DoS vulnerability in Apache HTTP Server
2021-09-29 00:00:00
fedora
fedora
[SECURITY] Fedora 28 Update: mod_http2-1.11.1-1.fc28
2018-10-15 10:47:22
[SECURITY] Fedora 29 Update: mod_http2-1.11.1-1.fc29
2018-10-30 17:44:04
[SECURITY] Fedora 29 Update: mod_http2-1.14.1-1.fc29
2019-03-21 14:42:38
cvelist
cvelist
CVE-2018-11763
2018-09-25 00:00:00
amazon
amazon
Medium: httpd
2019-01-23 23:31:00
Medium: mod_http2
2018-11-07 22:11:00
Medium: httpd24
2018-12-13 17:29:00
ibm
ibm
debiancve
debiancve
CVE-2018-11763
2018-09-25 21:29:00
prion
prion
Design/Logic Flaw
2018-09-25 21:29:00
alpinelinux
alpinelinux
CVE-2018-11763
2018-09-25 21:29:00
veracode
veracode
Denial Of Service (DoS)
2019-05-16 03:21:42
Denial Of Service
2019-05-16 03:38:52
Path Traversal
2019-05-16 03:38:52
cve
cve
CVE-2018-11763
2018-09-25 21:29:00
zdi
zdi
Apache2 mod_http2 header Denial of Service Vulnerability
2018-12-10 00:00:00
ubuntucve
ubuntucve
CVE-2018-11763
2018-09-25 00:00:00
ubuntu
ubuntu
Apache HTTP Server vulnerabilities
2018-10-03 00:00:00
mageia
mageia
Updated apache packages fix security vulnerabilities
2018-11-20 14:11:24
redhat
redhat
(RHSA-2019:0367) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 security update
2019-02-18 16:47:10
(RHSA-2019:0366) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP1 security update
2019-02-18 16:45:31
(RHSA-2018:3558) Moderate: httpd24 security, bug fix, and enhancement update
2018-11-13 08:00:33
photon
photon
symantec
symantec
Apache HTTP Server Vulnerabilities Jul 2017 - Sep 2018
2018-11-07 08:01:01
oracle
oracle
Oracle Critical Patch Update Advisory - January 2019
2019-01-15 00:00:00
Oracle Critical Patch Update Advisory - April 2019
2019-04-16 00:00:00