Lucene search

CVE-2019-9516

🗓️ 13 Aug 2019 21:12:15Reported by certccType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 2882 Views

HTTP/2 vulnerability allows for denial of service due to header lea

Reporter	Title	Published	Views	Family All 184
Cvelist	CVE-2019-9516 Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service	13 Aug 201920:50	–	cvelist
UbuntuCve	CVE-2019-9516	13 Aug 201900:00	–	ubuntucve
AlpineLinux	CVE-2019-9516	13 Aug 201921:15	–	alpinelinux
Veracode	Denial Of Service (DoS)	13 Sep 201900:40	–	veracode
Tenable Nessus	Synology DSM HTTP/2 Implementations Allocation of Resources Without Limits or Throttling (CVE-2019-9516)	1 Oct 202400:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP2 : nginx (EulerOS-SA-2020-2372)	3 Nov 202000:00	–	nessus
Tenable Nessus	Amazon Linux AMI : nginx (ALAS-2019-1299) (0-Length Headers Leak) (Data Dribble) (Resource Loop)	4 Oct 201900:00	–	nessus
Tenable Nessus	Debian DSA-4505-1 : nginx - security update (0-Length Headers Leak) (Data Dribble) (Resource Loop)	23 Aug 201900:00	–	nessus
Tenable Nessus	Fedora 29 : 1:nginx (2019-7a0b45fdc4) (0-Length Headers Leak) (Data Dribble) (Resource Loop)	4 Sep 201900:00	–	nessus
Tenable Nessus	Fedora 30 : 1:nginx (2019-befd924cfe) (0-Length Headers Leak) (Data Dribble) (Resource Loop)	22 Aug 201900:00	–	nessus

Nvd

Node

apple swiftnioRange1.0.0–1.4.0

AND

apple mac_os_xRange10.12≥

canonical ubuntu_linuxRange14.04≥

Node

apache traffic_serverRange6.0.0–6.2.3

apache traffic_serverRange7.0.0–7.1.6

apache traffic_serverRange8.0.0–8.0.3

Node

canonical ubuntu_linuxMatch16.04lts

canonical ubuntu_linuxMatch18.04lts

canonical ubuntu_linuxMatch19.04

Node

debian debian_linuxMatch9.0

debian debian_linuxMatch10.0

fedoraproject fedoraMatch30

Node

synology skynasMatch-

synology diskstation_managerMatch6.2

Node

synology vs960hd_firmwareMatch-

AND

synology vs960hdMatch-

Node

debian debian_linuxMatch9.0

debian debian_linuxMatch10.0

Node

fedoraproject fedoraMatch29

fedoraproject fedoraMatch30

fedoraproject fedoraMatch32

Node

opensuse leapMatch15.0

opensuse leapMatch15.1

Node

redhat jboss_core_servicesMatch1.0

redhat jboss_enterprise_application_platformMatch7.2.0

redhat jboss_enterprise_application_platformMatch7.3.0

redhat openshift_service_meshMatch1.0

redhat quayMatch3.0.0

redhat software_collectionsMatch1.0

redhat enterprise_linuxMatch8.0

Node

oracle graalvmMatch19.2.0enterprise

Node

mcafee web_gatewayRange7.7.2.0–7.7.2.24

mcafee web_gatewayRange7.8.2.0–7.8.2.13

mcafee web_gatewayRange8.1.0–8.2.0

Node

f5 nginxRange1.9.5–1.16.1

f5 nginxRange1.17.0–1.17.2

Node

nodejs node.jsRange8.0.0–8.16.1lts

nodejs node.jsRange10.0.0–10.16.3lts

nodejs node.jsRange12.0.0–12.8.1-

Source	Link
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP/
access	www.access.redhat.com/errata/RHSA-2019:2955
access	www.access.redhat.com/errata/RHSA-2019:2946
support	www.support.f5.com/csp/article/K02591030
seclists	www.seclists.org/bugtraq/2019/Aug/24
access	www.access.redhat.com/errata/RHSA-2019:2775
kb	www.kb.cert.org/vuls/id/605641/
access	www.access.redhat.com/errata/RHSA-2019:2950
lists	www.lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html
kc	www.kc.mcafee.com/corporate/index

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 Aug 2019 21:15Current

7.3High risk

Vulners AI Score7.3

CVSS26.8

CVSS36.5 - 7.5

EPSS0.01969