Vulnerabilities in nghttp2
4 resultsCVE-2024-28182MEDIUMReading unbounded number of HTTP/2 CONTINUATION frames to cause excessive CPU usageEPSS 85.0%CVE-2020-11080LOWDenial of service in nghttp2EPSS 5.3%CVE-2016-1544—nghttp2 before 1.7.1 allows remote attackers to cause a denial of service (memory exhaustion).EPSS 0.9%CVE-2026-27135HIGHnghttp2 Denial of service: Assertion failure due to the missing state validationEPSS 0.6%