Test ID:	1.3.6.1.4.1.25623.1.0.112419
Category:	Web Servers
Title:	nginx 1.9.5 < 1.14.1, 1.15.x < 1.15.6 Multiple Vulnerabilities
Summary:	Two security issues were identified in the nginx HTTP/2 implementation,; which might cause excessive memory consumption and CPU usage.
Description:	Summary: Two security issues were identified in the nginx HTTP/2 implementation, which might cause excessive memory consumption and CPU usage. Vulnerability Insight: The issues affect nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the 'listen' directive is used in a configuration file. Affected Software/OS: nginx versions 1.9.5 up to 1.14.0 and 1.15.x up to 1.15.5. Solution: Update nginx to version 1.14.1 or 1.15.6 respectively. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-16843 BugTraq ID: 105868 http://www.securityfocus.com/bid/105868 Debian Security Information: DSA-4335 (Google Search) https://www.debian.org/security/2018/dsa-4335 http://seclists.org/fulldisclosure/2021/Sep/36 http://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html RedHat Security Advisories: RHSA-2018:3653 https://access.redhat.com/errata/RHSA-2018:3653 RedHat Security Advisories: RHSA-2018:3680 https://access.redhat.com/errata/RHSA-2018:3680 RedHat Security Advisories: RHSA-2018:3681 https://access.redhat.com/errata/RHSA-2018:3681 http://www.securitytracker.com/id/1042038 SuSE Security Announcement: openSUSE-SU-2019:2120 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00035.html https://usn.ubuntu.com/3812-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-16844
Copyright	Copyright (C) 2018 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.