Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/nghttp2@0.6.4-2~bpo70%2B1
purl pkg:deb/debian/nghttp2@0.6.4-2~bpo70%2B1
Next non-vulnerable version 1.68.1-1
Latest non-vulnerable version 1.68.1-1
Risk 10.0
Vulnerabilities affecting this package (8)
Vulnerability Summary Fixed by
VCID-17k5-vadp-4kby
Aliases:
CVE-2020-11080
nghttp2: overly large SETTINGS frames can lead to DoS
1.43.0-1+deb11u1
Affected by 2 other vulnerabilities.
VCID-5781-s1ny-q7ey
Aliases:
CVE-2023-44487
GHSA-2m7v-gc89-fjqf
GHSA-qppj-fm5r-hxr3
GHSA-vx74-f528-fxqg
GHSA-xpw8-rcwv-8f8p
GMS-2023-3377
VSV00013
1.43.0-1+deb11u1
Affected by 2 other vulnerabilities.
VCID-94sx-qnsn-5ucm
Aliases:
CVE-2024-28182
Multiple vulnerabilities have been discovered in nghttp2, the worst of which could lead to a denial of service.
1.52.0-1+deb12u2
Affected by 1 other vulnerability.
VCID-9hzg-r1fj-pubf
Aliases:
CVE-2019-9513
Excessive CPU usage in HTTP/2 with priority changes
1.18.1-1+deb9u1
Affected by 6 other vulnerabilities.
1.36.0-2+deb10u1
Affected by 5 other vulnerabilities.
1.43.0-1+deb11u1
Affected by 2 other vulnerabilities.
VCID-d26w-y23c-q7d1
Aliases:
CVE-2015-8659
Nghttp2 is vulnerable to a heap-use-after-free flaw in idle stream handling code.
1.18.1-1+deb9u1
Affected by 6 other vulnerabilities.
VCID-dmv4-ydq9-a7eq
Aliases:
CVE-2019-9511
Excessive CPU usage in HTTP/2 with small window updates
1.18.1-1+deb9u1
Affected by 6 other vulnerabilities.
1.36.0-2+deb10u1
Affected by 5 other vulnerabilities.
1.43.0-1+deb11u1
Affected by 2 other vulnerabilities.
VCID-gbnt-abha-47eu
Aliases:
CVE-2016-1544
Nghttp2 is vulnerable to a Denial of Service attack.
1.18.1-1+deb9u1
Affected by 6 other vulnerabilities.
VCID-gcuf-2uct-ykcu
Aliases:
CVE-2018-1000168
nghttp2: Null pointer dereference when too large ALTSVC frame is received
1.36.0-2+deb10u1
Affected by 5 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-15T22:08:16.864040+00:00 Debian Oval Importer Affected by VCID-94sx-qnsn-5ucm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T19:58:03.915576+00:00 Debian Oval Importer Affected by VCID-5781-s1ny-q7ey https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T19:19:08.872331+00:00 Debian Oval Importer Affected by VCID-d26w-y23c-q7d1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T18:54:43.487065+00:00 Debian Oval Importer Affected by VCID-9hzg-r1fj-pubf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T18:14:26.568953+00:00 Debian Oval Importer Affected by VCID-gbnt-abha-47eu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:49:40.868913+00:00 Debian Oval Importer Affected by VCID-dmv4-ydq9-a7eq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:09:51.087921+00:00 Debian Oval Importer Affected by VCID-17k5-vadp-4kby https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:45:31.202763+00:00 Debian Oval Importer Affected by VCID-gcuf-2uct-ykcu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:06:19.237486+00:00 Debian Oval Importer Affected by VCID-dmv4-ydq9-a7eq https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.4.0
2026-04-15T14:57:15.015141+00:00 Debian Oval Importer Affected by VCID-9hzg-r1fj-pubf https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.4.0
2026-04-15T14:36:47.157452+00:00 Debian Oval Importer Affected by VCID-dmv4-ydq9-a7eq https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 38.4.0
2026-04-15T14:34:43.838415+00:00 Debian Oval Importer Affected by VCID-9hzg-r1fj-pubf https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 38.4.0
2026-04-11T21:46:10.889008+00:00 Debian Oval Importer Affected by VCID-94sx-qnsn-5ucm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T19:40:03.354522+00:00 Debian Oval Importer Affected by VCID-5781-s1ny-q7ey https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T19:02:29.896597+00:00 Debian Oval Importer Affected by VCID-d26w-y23c-q7d1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T18:39:01.343361+00:00 Debian Oval Importer Affected by VCID-9hzg-r1fj-pubf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:59:51.733624+00:00 Debian Oval Importer Affected by VCID-gbnt-abha-47eu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:35:40.761026+00:00 Debian Oval Importer Affected by VCID-dmv4-ydq9-a7eq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:56:24.584484+00:00 Debian Oval Importer Affected by VCID-17k5-vadp-4kby https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:33:15.506159+00:00 Debian Oval Importer Affected by VCID-gcuf-2uct-ykcu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T14:54:37.143426+00:00 Debian Oval Importer Affected by VCID-dmv4-ydq9-a7eq https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.3.0
2026-04-11T14:45:30.695307+00:00 Debian Oval Importer Affected by VCID-9hzg-r1fj-pubf https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.3.0
2026-04-11T14:25:04.391586+00:00 Debian Oval Importer Affected by VCID-dmv4-ydq9-a7eq https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 38.3.0
2026-04-11T14:23:01.119133+00:00 Debian Oval Importer Affected by VCID-9hzg-r1fj-pubf https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 38.3.0
2026-04-08T21:23:56.630844+00:00 Debian Oval Importer Affected by VCID-94sx-qnsn-5ucm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T19:23:04.674278+00:00 Debian Oval Importer Affected by VCID-5781-s1ny-q7ey https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:46:57.511834+00:00 Debian Oval Importer Affected by VCID-d26w-y23c-q7d1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:24:12.536943+00:00 Debian Oval Importer Affected by VCID-9hzg-r1fj-pubf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:46:31.486648+00:00 Debian Oval Importer Affected by VCID-gbnt-abha-47eu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:23:15.933393+00:00 Debian Oval Importer Affected by VCID-dmv4-ydq9-a7eq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:46:07.661740+00:00 Debian Oval Importer Affected by VCID-17k5-vadp-4kby https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:27:24.112506+00:00 Debian Oval Importer Affected by VCID-gcuf-2uct-ykcu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-07T23:26:57.539110+00:00 Debian Oval Importer Affected by VCID-dmv4-ydq9-a7eq https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.1.0
2026-04-07T23:18:19.837201+00:00 Debian Oval Importer Affected by VCID-9hzg-r1fj-pubf https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.1.0
2026-04-07T22:58:34.318543+00:00 Debian Oval Importer Affected by VCID-dmv4-ydq9-a7eq https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 38.1.0
2026-04-07T22:56:35.069546+00:00 Debian Oval Importer Affected by VCID-9hzg-r1fj-pubf https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 38.1.0