FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

NGINX -- Multiple vulnerabilities

Affected packages
nginx < 1.16.1,2
nginx-devel < 1.17.3

Details

VuXML ID 87679fcb-be60-11e9-9051-4c72b94353b5
Discovery 2019-08-13
Entry 2019-08-14
Modified 2019-08-14

NGINX Team reports:

Several security issues were identified in nginx HTTP/2 implementation which might cause excessive memory consumption and CPU usage (CVE-2019-9511, CVE-2019-9513, CVE-2019-9516). The issues affect nginx compiled with the ngx_http_v2_module (not compiled by default) if the http2 option of the listen directive is used in a configuration file.

References

CVE Name CVE-2019-9511
CVE Name CVE-2019-9513
CVE Name CVE-2019-9516
URL http://nginx.org/en/security_advisories.html