VulnerableCode Package Details - pkg:deb/debian/nghttp2@1.43.0-1%2Bdeb11u1

Search for packages

Vulnerability	Summary	Fixed by
VCID-94sx-qnsn-5ucm Aliases: CVE-2024-28182	Multiple vulnerabilities have been discovered in nghttp2, the worst of which could lead to a denial of service.	1.52.0-1+deb12u2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-gv39-q6pw-yfh4 Aliases: CVE-2026-27135	nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination	1.68.1-1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-94sx-qnsn-5ucm
Aliases:
CVE-2024-28182

Multiple vulnerabilities have been discovered in nghttp2, the worst of which could lead to a denial of service.

1.52.0-1+deb12u2
Affected by 1 other vulnerability.

VCID-gv39-q6pw-yfh4
Aliases:
CVE-2026-27135

nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination

1.68.1-1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-17k5-vadp-4kby	nghttp2: overly large SETTINGS frames can lead to DoS	CVE-2020-11080
VCID-5781-s1ny-q7ey		CVE-2023-44487 GHSA-2m7v-gc89-fjqf GHSA-qppj-fm5r-hxr3 GHSA-vx74-f528-fxqg GHSA-xpw8-rcwv-8f8p GMS-2023-3377 VSV00013
VCID-9hzg-r1fj-pubf	Excessive CPU usage in HTTP/2 with priority changes	CVE-2019-9513
VCID-dmv4-ydq9-a7eq	Excessive CPU usage in HTTP/2 with small window updates	CVE-2019-9511

Vulnerability

Summary

Aliases

VCID-17k5-vadp-4kby

nghttp2: overly large SETTINGS frames can lead to DoS

CVE-2020-11080

VCID-5781-s1ny-q7ey

CVE-2023-44487
GHSA-2m7v-gc89-fjqf
GHSA-qppj-fm5r-hxr3
GHSA-vx74-f528-fxqg
GHSA-xpw8-rcwv-8f8p
GMS-2023-3377
VSV00013

VCID-9hzg-r1fj-pubf

Excessive CPU usage in HTTP/2 with priority changes

CVE-2019-9513

VCID-dmv4-ydq9-a7eq

Excessive CPU usage in HTTP/2 with small window updates

CVE-2019-9511

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T09:57:12.277232+00:00	Debian Importer	Affected by	VCID-gv39-q6pw-yfh4	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-15T22:08:16.887411+00:00	Debian Oval Importer	Affected by	VCID-94sx-qnsn-5ucm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T19:58:03.930436+00:00	Debian Oval Importer	Fixing	VCID-5781-s1ny-q7ey	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:54:43.501727+00:00	Debian Oval Importer	Fixing	VCID-9hzg-r1fj-pubf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:49:40.883037+00:00	Debian Oval Importer	Fixing	VCID-dmv4-ydq9-a7eq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:09:51.101412+00:00	Debian Oval Importer	Fixing	VCID-17k5-vadp-4kby	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-13T06:39:57.646515+00:00	Debian Importer	Affected by	VCID-gv39-q6pw-yfh4	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T21:46:10.903440+00:00	Debian Oval Importer	Affected by	VCID-94sx-qnsn-5ucm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T19:40:03.370143+00:00	Debian Oval Importer	Fixing	VCID-5781-s1ny-q7ey	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:39:01.359019+00:00	Debian Oval Importer	Fixing	VCID-9hzg-r1fj-pubf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:35:40.776494+00:00	Debian Oval Importer	Fixing	VCID-dmv4-ydq9-a7eq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:56:24.600766+00:00	Debian Oval Importer	Fixing	VCID-17k5-vadp-4kby	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T21:23:56.648887+00:00	Debian Oval Importer	Affected by	VCID-94sx-qnsn-5ucm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T19:23:04.691379+00:00	Debian Oval Importer	Fixing	VCID-5781-s1ny-q7ey	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T18:25:55.652071+00:00	Debian Importer	Affected by	VCID-gv39-q6pw-yfh4	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T18:24:12.553240+00:00	Debian Oval Importer	Fixing	VCID-9hzg-r1fj-pubf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:23:15.951923+00:00	Debian Oval Importer	Fixing	VCID-dmv4-ydq9-a7eq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:46:07.711533+00:00	Debian Oval Importer	Fixing	VCID-17k5-vadp-4kby	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0