{"id":"ALSA-2019:2799","summary":"Important: nginx:1.14 security update","details":"Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 (Post Office Protocol 3) and IMAP protocols, with a focus on high concurrency, performance and low memory usage. \n\nSecurity Fix(es):\n\n* HTTP/2: large amount of data request leads to denial of service (CVE-2019-9511)\n\n* HTTP/2: flood using PRIORITY frames resulting in excessive resource consumption (CVE-2019-9513)\n\n* HTTP/2: 0-length headers leads to denial of service (CVE-2019-9516)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","modified":"2026-01-30T01:36:46.488445Z","published":"2019-09-17T08:45:10Z","related":["CVE-2019-9511","CVE-2019-9513","CVE-2019-9516"],"references":[{"type":"ADVISORY","url":"https://errata.almalinux.org/8/ALSA-2019-2799.html"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2019-9511"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2019-9513"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2019-9516"}],"affected":[{"package":{"name":"nginx","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/nginx"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.14.1-9.module_el8.5.0+34+dc1cfba5.alma"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2019:2799.json"}},{"package":{"name":"nginx","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/nginx"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.14.1-9.module_el8.3.0+2165+af250afe.alma"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2019:2799.json"}},{"package":{"name":"nginx","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/nginx"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.14.1-9.module_el8.4.0+2221+af250afe.alma"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2019:2799.json"}},{"package":{"name":"nginx-all-modules","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/nginx-all-modules"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.14.1-9.module_el8.3.0+2165+af250afe.alma"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2019:2799.json"}},{"package":{"name":"nginx-filesystem","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/nginx-filesystem"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.14.1-9.module_el8.3.0+2165+af250afe.alma"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2019:2799.json"}},{"package":{"name":"nginx-mod-http-image-filter","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/nginx-mod-http-image-filter"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.14.1-9.module_el8.4.0+2221+af250afe.alma"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2019:2799.json"}},{"package":{"name":"nginx-mod-http-image-filter","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/nginx-mod-http-image-filter"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.14.1-9.module_el8.5.0+34+dc1cfba5.alma"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2019:2799.json"}},{"package":{"name":"nginx-mod-http-image-filter","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/nginx-mod-http-image-filter"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.14.1-9.module_el8.3.0+2165+af250afe.alma"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2019:2799.json"}},{"package":{"name":"nginx-mod-http-perl","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/nginx-mod-http-perl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.14.1-9.module_el8.4.0+2221+af250afe.alma"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2019:2799.json"}},{"package":{"name":"nginx-mod-http-perl","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/nginx-mod-http-perl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.14.1-9.module_el8.5.0+34+dc1cfba5.alma"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2019:2799.json"}},{"package":{"name":"nginx-mod-http-perl","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/nginx-mod-http-perl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.14.1-9.module_el8.3.0+2165+af250afe.alma"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2019:2799.json"}},{"package":{"name":"nginx-mod-http-xslt-filter","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/nginx-mod-http-xslt-filter"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.14.1-9.module_el8.4.0+2221+af250afe.alma"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2019:2799.json"}},{"package":{"name":"nginx-mod-http-xslt-filter","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/nginx-mod-http-xslt-filter"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.14.1-9.module_el8.3.0+2165+af250afe.alma"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2019:2799.json"}},{"package":{"name":"nginx-mod-http-xslt-filter","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/nginx-mod-http-xslt-filter"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.14.1-9.module_el8.5.0+34+dc1cfba5.alma"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2019:2799.json"}},{"package":{"name":"nginx-mod-mail","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/nginx-mod-mail"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.14.1-9.module_el8.4.0+2221+af250afe.alma"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2019:2799.json"}},{"package":{"name":"nginx-mod-mail","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/nginx-mod-mail"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.14.1-9.module_el8.3.0+2165+af250afe.alma"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2019:2799.json"}},{"package":{"name":"nginx-mod-mail","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/nginx-mod-mail"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.14.1-9.module_el8.5.0+34+dc1cfba5.alma"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2019:2799.json"}},{"package":{"name":"nginx-mod-stream","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/nginx-mod-stream"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.14.1-9.module_el8.3.0+2165+af250afe.alma"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2019:2799.json"}},{"package":{"name":"nginx-mod-stream","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/nginx-mod-stream"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.14.1-9.module_el8.4.0+2221+af250afe.alma"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2019:2799.json"}},{"package":{"name":"nginx-mod-stream","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/nginx-mod-stream"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.14.1-9.module_el8.5.0+34+dc1cfba5.alma"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2019:2799.json"}}],"schema_version":"1.7.3"}