OSVersionArchitecturePackageVersionFilename
Wolfiunknownx86_64nghttp2<= 1.61.0-r0nghttp2-1.61.0-r0.apk
Wolfiunknownaarch64nghttp2<= 1.61.0-r0nghttp2-1.61.0-r0.apk

OS	Version	Architecture	Package	Version	Filename
Wolfi	unknown	x86_64	nghttp2	<= 1.61.0-r0	nghttp2-1.61.0-r0.apk
Wolfi	unknown	aarch64	nghttp2	<= 1.61.0-r0	nghttp2-1.61.0-r0.apk

osv 20

mageia 1

cbl_mariner 5

nessus 73

openvas 28

veracode 1

redhat 23

cve 1

cvelist 1

vulnrichment 1

debiancve 1

amazon 2

fedora 3

slackware 1

rocky 6

cgr 1

redhatcve 1

almalinux 7

oraclelinux 7

ubuntucve 1

redos 1

nvd 1

debian 1

alpinelinux 1

ibm 2

f5 1

gentoo 1

ubuntu 2

photon 1

githubexploit 1

arista 1

cert 1

thn 1

osv

Moderate: nghttp2 security update

2024-05-30 00:00:00

nghttp2 - security update

2024-04-30 00:00:00

Moderate: nghttp2 security update

2024-06-14 14:00:33

mageia

Updated nghttp2 packages fix security vulnerability

2024-04-17 05:13:57

cbl_mariner

CVE-2024-28182 affecting package nodejs for versions less than 20.14.0-1

2024-06-21 09:32:44

CVE-2024-28182 affecting package rust for versions less than 1.68.0-1

2024-09-30 03:52:41

CVE-2024-28182 affecting package nodejs18 for versions less than 18.20.3-1

2024-07-10 19:52:59

nessus

RHEL 9 : nghttp2 (RHSA-2024:3875)

2024-06-13 00:00:00

EulerOS 2.0 SP9 : nghttp2 (EulerOS-SA-2024-1968)

2024-07-16 00:00:00

Amazon Linux 2023 : libnghttp2, libnghttp2-devel, nghttp2 (ALAS2023-2024-592)

2024-04-29 00:00:00

openvas

Huawei EulerOS: Security Advisory for nghttp2 (EulerOS-SA-2024-1841)

2024-06-25 00:00:00

nghttp2 < 1.61.0 HTTP/2 Protocol DoS Vulnerability

2024-04-08 00:00:00

Huawei EulerOS: Security Advisory for nghttp2 (EulerOS-SA-2024-2197)

2024-08-20 00:00:00

veracode

Denial Of Service (DoS)

2024-04-05 10:02:12

redhat

(RHSA-2024:4576) Moderate: nghttp2 security update

2024-07-16 15:30:14

(RHSA-2024:3875) Moderate: nghttp2 security update

2024-06-12 22:26:11

(RHSA-2024:3763) Moderate: nghttp2 security update

2024-06-10 14:09:03

cve

CVE-2024-28182

2024-04-04 15:15:38

cvelist

CVE-2024-28182 Reading unbounded number of HTTP/2 CONTINUATION frames to cause excessive CPU usage

2024-04-04 14:41:36

vulnrichment

CVE-2024-28182 Reading unbounded number of HTTP/2 CONTINUATION frames to cause excessive CPU usage

2024-04-04 14:41:36

debiancve

CVE-2024-28182

2024-04-04 15:15:38

amazon

Important: nghttp2

2024-05-09 17:43:00

Important: nghttp2

2024-04-24 22:15:00

fedora

[SECURITY] Fedora 38 Update: nghttp2-1.52.0-3.fc38

2024-04-20 02:14:40

[SECURITY] Fedora 39 Update: nghttp2-1.55.1-5.fc39

2024-04-20 01:03:28

[SECURITY] Fedora 40 Update: nghttp2-1.59.0-3.fc40

2024-04-19 21:41:43

slackware

[slackware-security] nghttp2

2024-04-04 19:17:04

rocky

nghttp2 security update

2024-06-14 14:00:33

nodejs:18 security update

2024-05-09 18:51:51

nodejs:18 security update

2024-05-09 18:50:42

cgr

CVE-2024-28182 vulnerabilities

2024-05-19 03:07:16

redhatcve

CVE-2024-28182

2024-04-03 19:27:34

almalinux

Moderate: nghttp2 security update

2024-05-30 00:00:00

Moderate: nghttp2 security update

2024-07-02 00:00:00

Important: nodejs:20 security update

2024-05-15 00:00:00

oraclelinux

nghttp2 security update

2024-06-20 00:00:00

nghttp2 security update

2024-07-02 00:00:00

nodejs:18 security update

2024-05-14 00:00:00

ubuntucve

CVE-2024-28182

2024-04-04 00:00:00

redos

ROS-20240507-08

2024-05-07 00:00:00

nvd

CVE-2024-28182

2024-04-04 15:15:38

debian

[SECURITY] [DLA 3804-1] nghttp2 security update

2024-04-30 21:29:26

alpinelinux

CVE-2024-28182

2024-04-04 15:15:38

ibm

Security Bulletin: IBM DataPower Gateway vulnerable to DoS due to use of nghttp2 (CVE-2024-28182)

2024-07-09 15:27:56

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from Golang Go http2 and nghttp2

2024-08-08 09:45:01

K000139225: nghttp2 vulnerability CVE-2024-28182

2024-04-10 00:00:00

gentoo

nghttp2: Multiple Vulnerabilities

2024-08-07 00:00:00

ubuntu

nghttp2 vulnerabilities

2024-04-25 00:00:00

nghttp2 vulnerability

2024-05-07 00:00:00

photon

Important Photon OS Security Update - PHSA-2024-5.0-0242

2024-04-10 00:00:00

githubexploit

Exploit for Allocation of Resources Without Limits or Throttling in Apache Http Server

2024-04-09 08:08:07

arista

Security Advisory 0094

2024-04-03 00:00:00

cert

HTTP/2 CONTINUATION frames can be utilized for DoS attacks

2024-04-03 00:00:00

thn

New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks

2024-04-04 11:15:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

AI Score

7.5

Confidence

Low

EPSS

Percentile

13.2%

JSON

Related for WOLFI:CVE-2024-28182