Nginx HTTP/2 Implementation Excessive Memory Usage Vulnerability

By GIXnews

A vulnerability in the HTTP/2 implementation of Nginx could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.

The vulnerability is due to an unspecified condition in the affected software that could lead to excessive memory consumption. An attacker could exploit this vulnerability by sending a request that submits malicious input to an affected system. A successful exploit could result in a DoS condition. has confirmed the vulnerability and released software updates.

Security Impact Rating: Medium

CVE: CVE-2018-16843

Source:: Cisco Multivendor Vulnerability Alerts