{"id":"DSA-4511-1","summary":"nghttp2 - security update","modified":"2026-03-09T02:09:41.622329Z","published":"2019-09-01T00:00:00Z","upstream":["CVE-2019-9511","CVE-2019-9513","DEBIAN-CVE-2019-9511","DEBIAN-CVE-2019-9513"],"affected":[{"package":{"name":"nghttp2","ecosystem":"Debian:9","purl":"pkg:deb/debian/nghttp2?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.18.1-1+deb9u1"}]}],"versions":["1.18.1-1"],"database_specific":{"source":"https://storage.googleapis.com/debian-osv/dsa-osv/DSA-4511-1.json"}},{"package":{"name":"nghttp2","ecosystem":"Debian:10","purl":"pkg:deb/debian/nghttp2?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.36.0-2+deb10u1"}]}],"versions":["1.36.0-2"],"database_specific":{"source":"https://storage.googleapis.com/debian-osv/dsa-osv/DSA-4511-1.json"}}],"schema_version":"1.7.3"}