ALPINE-CVE-2018-16844

See a problem?
Please try reporting it to the source first.

Source

https://security.alpinelinux.org/vuln/CVE-2018-16844

Import Source

https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2018-16844.json

JSON Data

https://api.osv.dev/v1/vulns/ALPINE-CVE-2018-16844

Upstream

CVE-2018-16844

Published

2018-11-07T14:29:00.837Z

Modified

2026-06-09T21:31:28.619612823Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. This issue affects nginx compiled with the ngxhttpv2_module (not compiled by default) if the 'http2' option of the 'listen' directive is used in a configuration file.

References

https://security.alpinelinux.org/vuln/CVE-2018-16844

Affected packages

Alpine:v3.10

nginx

Package

Name: nginx
Purl: pkg:apk/alpine/nginx?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.1-r0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2018-16844.json"

Alpine:v3.11

nginx

Package

Name: nginx
Purl: pkg:apk/alpine/nginx?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.1-r0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2018-16844.json"

Alpine:v3.12

nginx

Package

Name: nginx
Purl: pkg:apk/alpine/nginx?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.1-r0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2018-16844.json"

Alpine:v3.13

nginx

Package

Name: nginx
Purl: pkg:apk/alpine/nginx?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.1-r0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2018-16844.json"

Alpine:v3.14

nginx

Package

Name: nginx
Purl: pkg:apk/alpine/nginx?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.1-r0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2018-16844.json"

Alpine:v3.15

nginx

Package

Name: nginx
Purl: pkg:apk/alpine/nginx?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.1-r0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2018-16844.json"

Alpine:v3.16

nginx

Package

Name: nginx
Purl: pkg:apk/alpine/nginx?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.1-r0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2018-16844.json"

Alpine:v3.17

nginx

Package

Name: nginx
Purl: pkg:apk/alpine/nginx?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.1-r0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2018-16844.json"

Alpine:v3.18

nginx

Package

Name: nginx
Purl: pkg:apk/alpine/nginx?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.1-r0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2018-16844.json"

Alpine:v3.19

nginx

Package

Name: nginx
Purl: pkg:apk/alpine/nginx?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.1-r0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2018-16844.json"

Alpine:v3.20

nginx

Package

Name: nginx
Purl: pkg:apk/alpine/nginx?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.1-r0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2018-16844.json"

Alpine:v3.21

nginx

Package

Name: nginx
Purl: pkg:apk/alpine/nginx?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.1-r0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2018-16844.json"

Alpine:v3.22

nginx

Package

Name: nginx
Purl: pkg:apk/alpine/nginx?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.1-r0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2018-16844.json"

Alpine:v3.23

nginx

Package

Name: nginx
Purl: pkg:apk/alpine/nginx?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.1-r0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2018-16844.json"

Alpine:v3.24

nginx

Package

Name: nginx
Purl: pkg:apk/alpine/nginx?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.1-r0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2018-16844.json"

Alpine:v3.6

nginx

Package

Name: nginx
Purl: pkg:apk/alpine/nginx?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.12.2-r2

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2018-16844.json"

Alpine:v3.7

nginx

Package

Name: nginx
Purl: pkg:apk/alpine/nginx?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.12.1-r4

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2018-16844.json"

Alpine:v3.8

nginx

Package

Name: nginx
Purl: pkg:apk/alpine/nginx?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.1-r0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2018-16844.json"

Alpine:v3.9

nginx

Package

Name: nginx
Purl: pkg:apk/alpine/nginx?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.1-r0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2018-16844.json"