Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/nghttp2@1.52.0-1%2Bdeb12u2
purl pkg:deb/debian/nghttp2@1.52.0-1%2Bdeb12u2
Next non-vulnerable version 1.69.0-1
Latest non-vulnerable version 1.69.0-1
Risk 3.4
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-gv39-q6pw-yfh4
Aliases:
CVE-2026-27135
nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination
1.68.1-1
Affected by 0 other vulnerabilities.
1.69.0-1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-94sx-qnsn-5ucm Multiple vulnerabilities have been discovered in nghttp2, the worst of which could lead to a denial of service. CVE-2024-28182

Date Actor Action Vulnerability Source VulnerableCode Version
2026-05-01T22:02:38.028110+00:00 Debian Importer Affected by VCID-gv39-q6pw-yfh4 https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-04-29T12:49:59.072175+00:00 Debian Importer Affected by VCID-gv39-q6pw-yfh4 https://security-tracker.debian.org/tracker/data/json 38.5.0
2026-04-16T09:57:12.281727+00:00 Debian Importer Affected by VCID-gv39-q6pw-yfh4 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-15T22:08:16.893763+00:00 Debian Oval Importer Fixing VCID-94sx-qnsn-5ucm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-13T06:39:57.650123+00:00 Debian Importer Affected by VCID-gv39-q6pw-yfh4 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T21:46:10.906936+00:00 Debian Oval Importer Fixing VCID-94sx-qnsn-5ucm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T21:23:56.653453+00:00 Debian Oval Importer Fixing VCID-94sx-qnsn-5ucm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:25:55.657766+00:00 Debian Importer Affected by VCID-gv39-q6pw-yfh4 https://security-tracker.debian.org/tracker/data/json 38.1.0