Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2019-9514
PUBLISHED
More InfoOfficial Page
Assigner-certcc
Assigner Org ID-37e5125f-f79b-445b-8fad-9564f167944b
View Known Exploited Vulnerability (KEV) details
Published At-13 Aug, 2019 | 00:00
Updated At-04 Aug, 2024 | 21:54
Rejected At-
▼CVE Numbering Authority (CNA)
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service

Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
CWECWE-400CWE-400 Uncontrolled Resource Consumption
Metrics
VersionBase scoreBase severityVector
3.07.5HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Thanks to Jonathan Looney of Netflix for reporting this vulnerability.
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://kb.cert.org/vuls/id/605641/
third-party-advisory
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
N/A
https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7%40%3Cdev.trafficserver.apache.org%3E
mailing-list
https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04%40%3Cusers.trafficserver.apache.org%3E
mailing-list
https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19%40%3Cannounce.trafficserver.apache.org%3E
mailing-list
https://seclists.org/bugtraq/2019/Aug/24
mailing-list
http://seclists.org/fulldisclosure/2019/Aug/16
mailing-list
https://www.synology.com/security/advisory/Synology_SA_19_33
N/A
https://seclists.org/bugtraq/2019/Aug/31
mailing-list
https://www.debian.org/security/2019/dsa-4503
vendor-advisory
https://support.f5.com/csp/article/K01988340
N/A
http://www.openwall.com/lists/oss-security/2019/08/20/1
mailing-list
https://security.netapp.com/advisory/ntap-20190823-0001/
N/A
https://security.netapp.com/advisory/ntap-20190823-0004/
N/A
https://security.netapp.com/advisory/ntap-20190823-0005/
N/A
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html
vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP/
vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC/
vendor-advisory
https://seclists.org/bugtraq/2019/Aug/43
mailing-list
https://www.debian.org/security/2019/dsa-4508
vendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html
vendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html
vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYO6E3H34C346D2E443GLXK7OK6KIYIQ/
vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4BBP27PZGSY6OP6D26E5FW4GZKBFHNU7/
vendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html
vendor-advisory
https://access.redhat.com/errata/RHSA-2019:2682
vendor-advisory
https://www.debian.org/security/2019/dsa-4520
vendor-advisory
https://access.redhat.com/errata/RHSA-2019:2726
vendor-advisory
https://seclists.org/bugtraq/2019/Sep/18
mailing-list
https://access.redhat.com/errata/RHSA-2019:2594
vendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html
vendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html
vendor-advisory
https://access.redhat.com/errata/RHSA-2019:2661
vendor-advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10296
N/A
https://access.redhat.com/errata/RHSA-2019:2690
vendor-advisory
https://access.redhat.com/errata/RHSA-2019:2766
vendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html
vendor-advisory
https://access.redhat.com/errata/RHSA-2019:2796
vendor-advisory
https://access.redhat.com/errata/RHSA-2019:2861
vendor-advisory
https://access.redhat.com/errata/RHSA-2019:2925
vendor-advisory
https://access.redhat.com/errata/RHSA-2019:2939
vendor-advisory
https://access.redhat.com/errata/RHSA-2019:2955
vendor-advisory
https://access.redhat.com/errata/RHSA-2019:2966
vendor-advisory
https://support.f5.com/csp/article/K01988340?utm_source=f5support&amp%3Butm_medium=RSS
N/A
https://access.redhat.com/errata/RHSA-2019:3131
vendor-advisory
https://access.redhat.com/errata/RHSA-2019:2769
vendor-advisory
https://access.redhat.com/errata/RHSA-2019:3245
vendor-advisory
https://access.redhat.com/errata/RHSA-2019:3265
vendor-advisory
https://access.redhat.com/errata/RHSA-2019:3892
vendor-advisory
https://access.redhat.com/errata/RHSA-2019:3906
vendor-advisory
https://access.redhat.com/errata/RHSA-2019:4018
vendor-advisory
https://access.redhat.com/errata/RHSA-2019:4019
vendor-advisory
https://access.redhat.com/errata/RHSA-2019:4021
vendor-advisory
https://access.redhat.com/errata/RHSA-2019:4020
vendor-advisory
https://access.redhat.com/errata/RHSA-2019:4045
vendor-advisory
https://access.redhat.com/errata/RHSA-2019:4042
vendor-advisory
https://access.redhat.com/errata/RHSA-2019:4040
vendor-advisory
https://access.redhat.com/errata/RHSA-2019:4041
vendor-advisory
https://access.redhat.com/errata/RHSA-2019:4269
vendor-advisory
https://access.redhat.com/errata/RHSA-2019:4273
vendor-advisory
https://access.redhat.com/errata/RHSA-2019:4352
vendor-advisory
https://access.redhat.com/errata/RHSA-2020:0406
vendor-advisory
https://access.redhat.com/errata/RHSA-2020:0727
vendor-advisory
https://usn.ubuntu.com/4308-1/
vendor-advisory
https://www.debian.org/security/2020/dsa-4669
vendor-advisory
https://lists.debian.org/debian-lts-announce/2020/12/msg00011.html
mailing-list
http://www.openwall.com/lists/oss-security/2023/10/18/8
mailing-list
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://kb.cert.org/vuls/id/605641/
third-party-advisory
x_transferred
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
x_transferred
https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7%40%3Cdev.trafficserver.apache.org%3E
mailing-list
x_transferred
https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04%40%3Cusers.trafficserver.apache.org%3E
mailing-list
x_transferred
https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19%40%3Cannounce.trafficserver.apache.org%3E
mailing-list
x_transferred
https://seclists.org/bugtraq/2019/Aug/24
mailing-list
x_transferred
http://seclists.org/fulldisclosure/2019/Aug/16
mailing-list
x_transferred
https://www.synology.com/security/advisory/Synology_SA_19_33
x_transferred
https://seclists.org/bugtraq/2019/Aug/31
mailing-list
x_transferred
https://www.debian.org/security/2019/dsa-4503
vendor-advisory
x_transferred
https://support.f5.com/csp/article/K01988340
x_transferred
http://www.openwall.com/lists/oss-security/2019/08/20/1
mailing-list
x_transferred
https://security.netapp.com/advisory/ntap-20190823-0001/
x_transferred
https://security.netapp.com/advisory/ntap-20190823-0004/
x_transferred
https://security.netapp.com/advisory/ntap-20190823-0005/
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html
vendor-advisory
x_transferred
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP/
vendor-advisory
x_transferred
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC/
vendor-advisory
x_transferred
https://seclists.org/bugtraq/2019/Aug/43
mailing-list
x_transferred
https://www.debian.org/security/2019/dsa-4508
vendor-advisory
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html
vendor-advisory
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html
vendor-advisory
x_transferred
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYO6E3H34C346D2E443GLXK7OK6KIYIQ/
vendor-advisory
x_transferred
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4BBP27PZGSY6OP6D26E5FW4GZKBFHNU7/
vendor-advisory
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2019:2682
vendor-advisory
x_transferred
https://www.debian.org/security/2019/dsa-4520
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2019:2726
vendor-advisory
x_transferred
https://seclists.org/bugtraq/2019/Sep/18
mailing-list
x_transferred
https://access.redhat.com/errata/RHSA-2019:2594
vendor-advisory
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html
vendor-advisory
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2019:2661
vendor-advisory
x_transferred
https://kc.mcafee.com/corporate/index?page=content&id=SB10296
x_transferred
https://access.redhat.com/errata/RHSA-2019:2690
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2019:2766
vendor-advisory
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2019:2796
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2019:2861
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2019:2925
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2019:2939
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2019:2955
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2019:2966
vendor-advisory
x_transferred
https://support.f5.com/csp/article/K01988340?utm_source=f5support&amp%3Butm_medium=RSS
x_transferred
https://access.redhat.com/errata/RHSA-2019:3131
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2019:2769
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2019:3245
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2019:3265
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2019:3892
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2019:3906
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2019:4018
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2019:4019
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2019:4021
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2019:4020
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2019:4045
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2019:4042
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2019:4040
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2019:4041
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2019:4269
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2019:4273
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2019:4352
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2020:0406
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2020:0727
vendor-advisory
x_transferred
https://usn.ubuntu.com/4308-1/
vendor-advisory
x_transferred
https://www.debian.org/security/2020/dsa-4669
vendor-advisory
x_transferred
https://lists.debian.org/debian-lts-announce/2020/12/msg00011.html
mailing-list
x_transferred
http://www.openwall.com/lists/oss-security/2023/10/18/8
mailing-list
x_transferred
Details not found