Description
nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the 'listen' directive is used in a configuration file.
Remediation
References
Related Vulnerabilities
WordPress Plugin Work The Flow File Upload Arbitrary File Upload (2.5.2)
XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-36095)
Oracle Database Server CVE-2014-6483 Vulnerability (CVE-2014-6483)
Apache HTTP Server Other Vulnerability (CVE-2002-0661)
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3946)