exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

CVE-2019-9513

Status Candidate

Overview

Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.

Related Files

Ubuntu Security Notice USN-6754-2
Posted May 9, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6754-2 - USN-6754-1 fixed vulnerabilities in nghttp2. This update provides the corresponding update for Ubuntu 24.04 LTS. It was discovered that nghttp2 incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.

tags | advisory, remote, web, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-9513, CVE-2023-44487, CVE-2024-28182
SHA-256 | a626406c69b2c3819d9892a59563e91ef3909ded6eee46f3085c5cbec0e0e54b
Ubuntu Security Notice USN-6754-1
Posted Apr 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6754-1 - It was discovered that nghttp2 incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that nghttp2 incorrectly handled request cancellation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.

tags | advisory, remote, web, denial of service
systems | linux, ubuntu
advisories | CVE-2019-9511, CVE-2019-9513, CVE-2023-44487, CVE-2024-28182
SHA-256 | 5cf8f575ba3f618cd1a7ba459257c95bf26180fa995bf1e705ddd3bb811a5c3e
Debian Security Advisory 4669-1
Posted Apr 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4669-1 - Multiple vulnerabilities were discovered in Node.js, which could result in denial of service or HTTP request smuggling.

tags | advisory, web, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2019-15604, CVE-2019-15605, CVE-2019-15606, CVE-2019-9511, CVE-2019-9513, CVE-2019-9514
SHA-256 | 6f962b4fe577287f2ccb2224302c35d90acb45019bf2b11ea4da941e04961852
Red Hat Security Advisory 2020-0983-01
Posted Mar 27, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0983-01 - This release of Red Hat Fuse 7.6.0 serves as a replacement for Red Hat Fuse 7.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and information leakage vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2015-9251, CVE-2017-16012, CVE-2017-5929, CVE-2018-11771, CVE-2018-15756, CVE-2019-10174, CVE-2019-10184, CVE-2019-11272, CVE-2019-12384, CVE-2019-12422, CVE-2019-12814, CVE-2019-14379, CVE-2019-14439, CVE-2019-17570, CVE-2019-3802, CVE-2019-3888, CVE-2019-5427, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518
SHA-256 | c2b2bece438c10e903155ade04dc8eb70bbee2e9169a4e812ce54e8f4eebf85a
Red Hat Security Advisory 2019-3935-01
Posted Nov 20, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3935-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.37 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.29 and includes bug fixes and enhancements. Issues addressed include bypass and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-0734, CVE-2018-0737, CVE-2018-17189, CVE-2018-17199, CVE-2018-5407, CVE-2019-0196, CVE-2019-0197, CVE-2019-0217, CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, CVE-2019-9517
SHA-256 | 38d04c60a0844680fb8dbf1f69783df06839251f87cb4f8f1f68b024aae0c58d
Red Hat Security Advisory 2019-3932-01
Posted Nov 20, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3932-01 - This release adds the new Apache HTTP Server 2.4.37 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.29 and includes bug fixes and enhancements. Issues addressed include bypass and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-0734, CVE-2018-0737, CVE-2018-17189, CVE-2018-17199, CVE-2018-5407, CVE-2019-0196, CVE-2019-0197, CVE-2019-0217, CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, CVE-2019-9517
SHA-256 | f949d1cc276a7bf012b0e797c6862801bf97e2c5aaac95a796e59d77b371fb59
Red Hat Security Advisory 2019-3933-01
Posted Nov 20, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3933-01 - This release adds the new Apache HTTP Server 2.4.37 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.29 and includes bug fixes and enhancements. Issues addressed include bypass and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-0734, CVE-2018-0737, CVE-2018-17189, CVE-2018-17199, CVE-2018-5407, CVE-2019-0196, CVE-2019-0197, CVE-2019-0217, CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, CVE-2019-9517
SHA-256 | dac80e1c3458729338d3267cf431efdab4daa1ca2b791a55f1f323f8a84c4bb4
Red Hat Security Advisory 2019-3041-01
Posted Oct 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3041-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers the RPM packages for the OpenShift Service Mesh 1.0.1 release. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2019-9511, CVE-2019-9513
SHA-256 | 097e4aeccf134590f368115ab1b4dc8ab7479fb04038e252d395e22509b49112
Red Hat Security Advisory 2019-2966-01
Posted Oct 3, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2966-01 - Updated Quay packages that fix several bugs and add various enhancements are now available. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9516
SHA-256 | 63b0d8ab6474fdaf45a79e3a10197b45cf4ccad24b137cb87f32d2febfed7d4e
Red Hat Security Advisory 2019-2955-01
Posted Oct 2, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2955-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, javascript
systems | linux, redhat
advisories | CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518
SHA-256 | b7162517675b1868f60c53163c81b309fb76841f9ffbd714085b890a5ced1f17
Red Hat Security Advisory 2019-2949-01
Posted Oct 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2949-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2019-9511, CVE-2019-9513, CVE-2019-9517
SHA-256 | bdab73625eed6702880a86fd35af0095fae8c3f7d4f7704061248eabd587b2c4
Red Hat Security Advisory 2019-2939-01
Posted Sep 30, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2939-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, javascript
systems | linux, redhat
advisories | CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518
SHA-256 | 0e76daf842df9e1f5049fa77927fefcb5bac7c968f8d047c529985892ae071e8
Red Hat Security Advisory 2019-2925-01
Posted Sep 30, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2925-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, javascript
systems | linux, redhat
advisories | CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518
SHA-256 | f0803700656f06320591e809d9b312dd5bf8233a1cb2701c316cf8e794488af0
Red Hat Security Advisory 2019-2799-01
Posted Sep 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2799-01 - Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a focus on high concurrency, performance and low memory usage. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, imap, protocol
systems | linux, redhat
advisories | CVE-2019-9511, CVE-2019-9513, CVE-2019-9516
SHA-256 | 6db2fc5ba5ae499fa0f7a4bbbc155d6d378588483e1d08e6c8fed16e216519c8
Red Hat Security Advisory 2019-2775-01
Posted Sep 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2775-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, protocol
systems | linux, redhat
advisories | CVE-2019-9511, CVE-2019-9513, CVE-2019-9516
SHA-256 | 563112f9aa5f6e29519ee4d5e8453954076952723b0dcf46e0231827777324ba
Red Hat Security Advisory 2019-2746-01
Posted Sep 12, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2746-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, protocol
systems | linux, redhat
advisories | CVE-2019-9511, CVE-2019-9513, CVE-2019-9516
SHA-256 | d98d71f0e6f8a7c11eaeb24675ee7f294833caa8ee363c3c52bb13f5b782bc94
Red Hat Security Advisory 2019-2745-01
Posted Sep 12, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2745-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, protocol
systems | linux, redhat
advisories | CVE-2019-9511, CVE-2019-9513, CVE-2019-9516
SHA-256 | 174cbd24fc1d2e93e73177950504374ebd0ed511c1661841094a7c2ba620ac1d
Red Hat Security Advisory 2019-2692-01
Posted Sep 9, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2692-01 - libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 protocol in C. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, protocol
systems | linux, redhat
advisories | CVE-2019-9511, CVE-2019-9513
SHA-256 | 1f6c6050d085a41dc46ff9e4941e354e9054892ef169792bef49ce1f632e1907
Debian Security Advisory 4511-1
Posted Sep 2, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4511-1 - Two vulnerabilities were discovered in the HTTP/2 code of the nghttp2 HTTP server, which could result in denial of service.

tags | advisory, web, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2019-9511, CVE-2019-9513
SHA-256 | 9a0da7cd19ae47f0ab036ca0c1378aa35cb1143d6d6964b730518d0ccc7b92ca
Debian Security Advisory 4505-1
Posted Aug 22, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4505-1 - Three vulnerabilities were discovered in the HTTP/2 code of Nginx, a high-performance web and reverse proxy server, which could result in denial of service.

tags | advisory, web, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2019-9511, CVE-2019-9513, CVE-2019-9516
SHA-256 | 38817d6cbe881d7e08349f61c5c128eb23f57ca935723613ecd58131d5bef764
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close