CLSA-2026-1777947331

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1777947331.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLSA-2026-1777947331
Upstream
Published
2026-05-05T02:15:38Z
Modified
2026-06-04T09:45:22.231384145Z
Summary
Fix CVE(s): CVE-2023-35945
Details
  • SECURITY UPDATE: HTTP/2 memory leak in nghttp2 codec
    • debian/patches/CVE-2023-35945.patch: fix memory leak in nghttp2sessionmemsendinternal when stream close callback fails with a fatal error
    • CVE-2023-35945
References

Affected packages

TuxCare:Debian:10
libnghttp2-14

Package

Name
libnghttp2-14
Purl
pkg:deb/tuxcare/libnghttp2-14?distro=debian-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.36.0-2+deb10u3+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1777947331.json"
libnghttp2-dev

Package

Name
libnghttp2-dev
Purl
pkg:deb/tuxcare/libnghttp2-dev?distro=debian-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.36.0-2+deb10u3+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1777947331.json"
libnghttp2-doc

Package

Name
libnghttp2-doc
Purl
pkg:deb/tuxcare/libnghttp2-doc?distro=debian-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.36.0-2+deb10u3+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1777947331.json"
nghttp2

Package

Name
nghttp2
Purl
pkg:deb/tuxcare/nghttp2?distro=debian-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.36.0-2+deb10u3+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1777947331.json"
nghttp2-client

Package

Name
nghttp2-client
Purl
pkg:deb/tuxcare/nghttp2-client?distro=debian-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.36.0-2+deb10u3+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1777947331.json"
nghttp2-proxy

Package

Name
nghttp2-proxy
Purl
pkg:deb/tuxcare/nghttp2-proxy?distro=debian-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.36.0-2+deb10u3+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1777947331.json"
nghttp2-server

Package

Name
nghttp2-server
Purl
pkg:deb/tuxcare/nghttp2-server?distro=debian-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.36.0-2+deb10u3+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1777947331.json"