8.15.1

DATE	CVE	VULNERABILITY TITLE	RISK
2019-08-13	CVE-2019-9512	Resource Exhaustion vulnerability in multiple products Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. network low complexity apple apache debian nodejs CWE-400	7.5
2019-08-13	CVE-2019-9511	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. network low complexity apple apache canonical debian synology fedoraproject opensuse redhat oracle mcafee f5 nodejs CWE-770	7.5
2018-05-08	CVE-2018-1000168	NULL Pointer Dereference vulnerability in multiple products nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Improper Input Validation CWE-20 vulnerability in ALTSVC frame handling that can result in segmentation fault leading to denial of service. network low complexity nghttp2 nodejs debian CWE-476	7.5