Tag: CVEs

NGINX Updates Mitigate the August 2019 HTTP/2 Vulnerabilities

August 13, 2019

We have released updates to NGINX Open Source and NGINX Plus to fix vulnerabilities in the HTTP/2 protocol that were announced today (CVE-2019-9511, CVE-2019-9513, and CVE-2019-9516). Upgrade as soon as possible to NGINX 1.17.3, NGINX 1.16.1, or NGINX Plus R18 P1.

NGINX Response to the Meltdown and Spectre Vulnerabilities

January 5, 2018

security, CVEs

The Meltdown and Spectre vulnerabilities stem from commonly found security flaws in microprocessors. They require patches to most OSs.

The Imperva HTTP/2 Vulnerability Report and NGINX

August 5, 2016

HTTP/2, security advisory, CVE-2016-1546, CVEs

Security firm Imperva found four potential security vulnerabilities in HTTP/2, and one affects older versions of NGINX. Here are mitigation suggestions.

Tag: CVEs

Tag: CVEs

Tags