Lucene search

Basic search
Lucene search
Search by product

Database

Vendors

PhotonPHSA-2023-4.0-0342

HistoryFeb 28, 2023 - 12:00 a.m.

Vulners
/
Photon
/
Important Photon OS Security Update - PHSA-2023-4.0-0342

Important Photon OS Security Update - PHSA-2023-4.0-0342

2023-02-2800:00:00

github.com

photon os

security update

update

nginx

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.078

Percentile

94.3%

JSON

Updates of [‘nginx’] packages of Photon OS have been released.

OSVersionArchitecturePackageVersionFilename
Photon4.0x86_64nginx< 1.22.0-4.ph4nginx-1.22.0-4.ph4.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
Photon	4.0	x86_64	nginx	< 1.22.0-4.ph4	nginx-1.22.0-4.ph4.x86_64.rpm

fedora 8

suse 6

archlinux 3

openvas 31

nessus 54

oraclelinux 4

amazon 3

redhat 10

ibm 11

debian 3

freebsd 3

mageia 2

osv 9

rocky 1

almalinux 2

ubuntu 3

hackerone 1

f5 1

githubexploit 1

symantec 3

redhatcve 2

mscve 2

alpinelinux 2

cve 5

cbl_mariner 2

debiancve 2

cvelist 4

nvd 4

ubuntucve 2

prion 3

veracode 2

nginx 2

photon 3

altlinux 1

myhack58 1

threatpost 1

fortinet 1

cloudfoundry 1

fedora

[SECURITY] Fedora 30 Update: nghttp2-1.39.2-1.fc30

2019-08-23 01:27:34

[SECURITY] Fedora 29 Update: nghttp2-1.39.2-1.fc29

2019-08-27 18:38:08

[SECURITY] Fedora 30 Update: nginx-1.16.1-1.fc30

2019-08-22 01:18:25

suse

Security update for nghttp2 (moderate)

2019-10-01 00:00:00

Security update for nghttp2 (moderate)

2019-10-01 00:00:00

Security update for nginx (moderate)

2019-10-06 00:00:00

archlinux

[ASA-201908-17] libnghttp2: denial of service

2019-08-27 00:00:00

[ASA-201908-12] nginx-mainline: denial of service

2019-08-16 00:00:00

[ASA-201908-13] nginx: denial of service

2019-08-16 00:00:00

openvas

openSUSE: Security Advisory for nghttp2 (openSUSE-SU-2019:2234-1)

2019-10-02 00:00:00

Fedora Update for nghttp2 FEDORA-2019-81985a8858

2019-08-23 00:00:00

SUSE: Security Advisory (SUSE-SU-2019:2473-1)

2021-06-09 00:00:00

nessus

Photon OS 4.0: Nginx PHSA-2023-4.0-0342

2024-07-23 00:00:00

Fedora 30 : nghttp2 (2019-81985a8858) (Data Dribble) (Resource Loop)

2019-08-23 00:00:00

Oracle Linux 8 : nghttp2 (ELSA-2019-2692) (Data Dribble) (Resource Loop)

2019-09-11 00:00:00

oraclelinux

nghttp2 security update

2019-09-10 00:00:00

nginx:1.14 security update

2019-09-19 00:00:00

nghttp2 security update

2020-07-06 00:00:00

amazon

Important: nghttp2

2019-09-30 21:03:00

Important: nghttp2

2019-10-08 21:43:00

Important: nginx

2019-09-30 21:06:00

redhat

(RHSA-2019:3041) Important: Red Hat OpenShift Service Mesh 1.0.1 RPMs

2019-10-14 16:45:27

(RHSA-2019:2692) Important: nghttp2 security update

2019-09-09 18:39:39

(RHSA-2019:2949) Important: httpd24-httpd and httpd24-nghttp2 security update

2019-10-01 11:23:22

ibm

Security Bulletin: IBM DataPower Gateway is affected by Denial of Service vulnerabilities

2021-06-08 21:47:38

Security Bulletin: IBM MQ Appliance affected by HTTP/2 vulnerabilities (CVE-2019-9511 and CVE-2019-9513)

2020-01-27 10:37:46

Security Bulletin: Multiple Security Vulnerabilities affect IBM Cloud Private Kubernetes

2019-11-23 16:58:10

debian

[SECURITY] [DSA 4511-1] nghttp2 security update

2019-09-01 21:08:06

[SECURITY] [DSA 4505-1] nginx security update

2019-08-22 19:38:21

[SECURITY] [DSA 4669-1] nodejs security update

2020-04-29 21:05:57

freebsd

nghttp2 -- multiple vulnerabilities

2019-08-13 00:00:00

NGINX -- Multiple vulnerabilities

2019-08-13 00:00:00

Node.js -- multiple vulnerabilities

2019-08-16 00:00:00

mageia

Updated nghttp2 packages fix security vulnerabilities

2019-09-28 04:05:09

Updated nginx packages fix security vulnerabilities

2019-11-30 16:06:06

osv

nghttp2 - security update

2019-09-01 00:00:00

Important: nginx:1.14 security update

2019-09-17 08:45:10

Important: nginx:1.14 security update

2019-09-17 08:45:10

rocky

nginx:1.14 security update

2019-09-17 08:45:10

almalinux

Important: nginx:1.14 security update

2019-09-17 08:45:10

Important: nodejs:10 security update

2019-09-30 07:07:29

ubuntu

nginx vulnerabilities

2019-08-15 00:00:00

nghttp2 vulnerability

2024-05-07 00:00:00

nghttp2 vulnerabilities

2024-04-25 00:00:00

hackerone

Localize: Nginx version is disclosed in HTTP response

2020-01-26 21:54:31

K02591030 : HTTP/2 vulnerabilities CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, and CVE-2019-9517

2019-08-20 00:00:00

githubexploit

Exploit for Uncontrolled Resource Consumption in F5 Nginx

2020-12-22 10:16:11

symantec

Microsoft Windows 'HTTP.sys' CVE-2019-9511 Denial of Service Vulnerability

2019-08-13 00:00:00

Microsoft Windows 'HTTP.sys' CVE-2019-9513 Denial of Service Vulnerability

2019-08-13 00:00:00

Nginx Vulnerabilities Jul 2017 - Oct 2019

2020-05-06 18:48:22

redhatcve

CVE-2019-9511

2020-11-01 17:54:29

CVE-2019-9513

2021-03-21 00:38:16

mscve

HTTP/2 Server Denial of Service Vulnerability

2019-08-13 07:00:00

HTTP/2 Server Denial of Service Vulnerability

2019-08-13 07:00:00

alpinelinux

CVE-2019-9511

2019-08-13 21:15:12

CVE-2019-9513

2019-08-13 21:15:12

cve

CVE-2019-9513

2019-08-13 21:15:12

CVE-2019-9511

2019-08-13 21:15:12

CVE-2019-3643

2019-09-11 15:15:11

cbl_mariner

CVE-2019-9513 affecting package nginx 1.16.1-2

2021-06-14 15:32:58

CVE-2019-9511 affecting package nginx 1.16.1-2

2021-06-14 15:32:58

debiancve

CVE-2019-9513

2019-08-13 21:15:12

CVE-2019-9511

2019-08-13 21:15:12

cvelist

CVE-2019-9511 Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service

2019-08-13 20:50:59

CVE-2019-9513 Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service

2019-08-13 20:50:59

CVE-2019-3643 MWG scanners updated to address CVE-2019-9511

2019-09-11 14:08:19

nvd

CVE-2019-9511

2019-08-13 21:15:12

CVE-2019-9513

2019-08-13 21:15:12

CVE-2019-14989

2019-08-13 18:15:12

ubuntucve

CVE-2019-9513

2019-08-13 00:00:00

CVE-2019-9511

2019-08-13 00:00:00

prion

Code injection

2019-08-13 21:15:00

Design/Logic Flaw

2019-08-13 21:15:00

Code injection

2019-09-11 15:15:00

veracode

Denial Of Service (DoS)

2019-09-13 00:40:24

Denial Of Service (DoS)

2019-09-13 00:40:24

nginx

Excessive CPU usage in HTTP/2 with small window updates

2019-08-13 21:15:12

Excessive CPU usage in HTTP/2 with priority changes

2019-08-13 21:15:12

photon

Critical Photon OS Security Update - PHSA-2023-4.0-0379

2023-04-19 00:00:00

Important Photon OS Security Update - PHSA-2022-4.0-0298

2022-12-14 00:00:00

Critical Photon OS Security Update - PHSA-2023-5.0-0143

2023-11-15 00:00:00

altlinux

Security fix for the ALT Linux 10 package node version 10.16.3-alt1

2019-08-30 00:00:00

myhack58

HTTP/2 denial of service attack vulnerability alerts-a vulnerability alert-the black bar safety net

2019-08-14 00:00:00

threatpost

HTTP Bugs Open Websites to DoS Attacks

2019-08-15 19:20:38

fortinet

HTTP/2 Multiple DoS Attacks (VU#605641)

2019-09-03 00:00:00

cloudfoundry

Various HTTP2 CVEs: Some Cloud Foundry products are impacted by HTTP denial of service attacks | Cloud Foundry

2019-12-03 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.078

Percentile

94.3%

JSON

Related for PHSA-2023-4.0-0342