...
Vendor | Product | Version Information | Data Dribble | Ping Flood | Resource Loop | Reset Flood | Settings Flood | 0-Length Headers Leak | Internal Data Buffering | Empty Frames Flood | ||
---|---|---|---|---|---|---|---|---|---|---|---|---|
Apache | Apache HTTP Server | 2.4.38 | Not affected | Not affected | Not affected | ? | Not affected | Not affected | Y | ? | ||
Apache | Tomcat | 9.0.13 (using FreeBSD native library 1.2.16) and presumably earlier are vulnerable | Not affected | Not affected | Affected* https://markmail.org/message/konb64olyan5ye6t * just a little | Not affected | Not affected | ? | ? | ? | ||
Apache | Traffic Server | Not affected | YAffected | Not affected | Affected | YAffectedY | Not affected | Not affected | N? | |||
Envoy | Envoy | Prior to Fixed in 1.11.1 | Not affected | Affected https://groups.google.com/forum/#!topic/envoy-announce/ZLchtraPYVk | Affected https://groups.google.com/forum/#!topic/envoy-announce/ZLchtraPYVk | Affected https://groups.google.com/forum/#!topic/envoy-announce/ZLchtraPYVk | Affected https://groups.google.com/forum/#!topic/envoy-announce/ZLchtraPYVk | Not affected | Not affected | Affected https://groups.google.com/forum/#!topic/envoy-announce/ZLchtraPYVk | ||
F5 | NGINX | 1.9.5 - 1.17.2 are vulnerable | Fixed in 1. | 6116.1 and 1.17.3 | Affected http://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html | Not affected | Affected Fixed in 1.61.1 and 1.17.3 http://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html | Not affected | Not affected | AffectedFixed in 1.61.1 and 1.17.3 http://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html | Not affected | Not affected |
Go | Prior to Fixed in 1.11.13 and 1.12.8 | Not affected | YAffected | Not affected | YAffected | Not affected | Not affected | Not affected | Not affected | |||
gRPC C | 1.21.0 | Not affected | Not affected | Not affected | YAffectedY | Affected | Not affected | Not affected | ? | |||
gRPC Java | 1.21.0 Uses Netty | Not affected | Not affected | Not affected | YAffected | Not affected | Not affected | ? | ||||
gRPC Go | 1.21.0 | Not affected | Not affected | Not affected | YAffectedY | Affected | Not affected | Not affected | ||||
H2O Project | H2O | Fixed in 2.2.6 and 2.3.0 beta2 | Not affected | Affected | Not affected | Affected | Affected | Not affected | Not affected | Not affected | ||
Hyper | Hyper: HTTP/2 for Python | https://python-hyper.org/en/latest/security.html | Not affected | Not affected | Not affected | Not affected | Not affected | Not affected | Not affected | Not affected | ||
Istio | Istio | Fixed in 1.1.13 and 1.2.4 Uses Envoy | Not affected | Affected ISTIO-SECURITY-2019-004 | Affected ISTIO-SECURITY-2019-004 | Affected ISTIO-SECURITY-2019-004 | Affected ISTIO-SECURITY-2019-004 | Not affected | Not affected | Affected ISTIO-SECURITY-2019-004 | ||
Microsoft | Windows Internet Information Server (IIS) | Windows 10 Windows Server 2016 and 2019 Windows Server, version 1803 and version 1903 | Affected https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-9511 | Affected https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-9512 | Affected https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-9513 | Affected https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-9514 | Not affected | Not affected | Not affected | Affected https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-9518 | ||
Netty Project | Netty | 4.1.27 and presumably prior are vulnerable Fixed in 4.1.39 | Not affected | Affected | Not affected | Affected | Affected https://netty.io/news/2019/08/13/4-1-39-Final.html | Not affected | Not affected | Affected https://netty.io/news/2019/08/13/4-1-39-Final.html | ||
nghttp2Y | HTTP/2 C Library | Prior to 1.39.2 are vulnerable Fixed in 1.39.2 | Affected | Not affected | Affected | Not affectedY | Not affected | Not affected | Not affected | Not affected | ||
Node.js Project | Node.js | 8, 10, and 12 are vulnerable | Affected https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/ | Not affected | Affected https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/ | Affected https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/ | Not affected | ? | Not affected | ? | ||
proxygen | Not affected | YAffectedY | Affected | YAffectedY | Affected | Not affected | Not affected | ? | ||||
Swift | SwiftNIO HTTP/2 (swift-nio-http2) | 1.0.0 and - 1.4.0 inclusiveare vulnerable | Not affected | Affected https://forums.swift.org/t/swiftnio-http-2-security-notice/27855 | Not affected | Affected https://forums.swift.org/t/swiftnio-http-2-security-notice/27855 | Affected https://forums.swift.org/t/swiftnio-http-2-security-notice/27855 | Affected https://forums.swift.org/t/swiftnio-http-2-security-notice/27855 | Not affected | Affected https://forums.swift.org/t/swiftnio-http-2-security-notice/27855 | ||
Twisted Matrix Labs | Twisted | 16.3.0 - 19.7.0 are vulnerable | Not affected | YAffected | Not affected | YAffected | Not affected | Not affected | Not affected | ? |
...