Voozh

Vulnerabilities

CVE-2019-9512 Detail

Modified After Enrichment

This CVE record has been updated after NVD enrichment efforts were completed. Enrichment data supplied by the NVD may require amendment due to these changes.

Description

Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.

Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.

CVSS 4.0 Severity and Vector Strings:

👁 NIST CVSS score

NIST: NVD

NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL	Source(s)	Tag(s)
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html	CERT/CC, CVE	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html	CERT/CC, CVE	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html	CERT/CC, CVE	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html	CERT/CC, CVE	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html	CERT/CC, CVE	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html	CERT/CC, CVE	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html	CERT/CC, CVE	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2019/Aug/16	CERT/CC, CVE	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2019/08/20/1	CERT/CC, CVE	Mailing List Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2594	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2661	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2682	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2690	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2726	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2766	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2769	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2796	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2861	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2925	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2939	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2955	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2966	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3131	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3245	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3265	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3892	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3906	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:4018	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:4019	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:4020	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:4021	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:4040	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:4041	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:4042	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:4045	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:4269	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:4273	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:4352	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2020:0406	CERT/CC, CVE	Third Party Advisory
https://access.redhat.com/errata/RHSA-2020:0727	CERT/CC, CVE	Third Party Advisory
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md	CERT/CC, CVE	Third Party Advisory
https://kb.cert.org/vuls/id/605641/	CERT/CC, CVE	Third Party Advisory US Government Resource
https://kc.mcafee.com/corporate/index?page=content&id=SB10296	CERT/CC, CVE	Third Party Advisory
https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04%40%3Cusers.trafficserver.apache.org%3E	CERT/CC, CVE
https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19%40%3Cannounce.trafficserver.apache.org%3E	CERT/CC, CVE
https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7%40%3Cdev.trafficserver.apache.org%3E	CERT/CC, CVE
https://lists.debian.org/debian-lts-announce/2020/12/msg00011.html	CERT/CC, CVE	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4BBP27PZGSY6OP6D26E5FW4GZKBFHNU7/	CERT/CC, CVE
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC/	CERT/CC, CVE
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP/	CERT/CC, CVE
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYO6E3H34C346D2E443GLXK7OK6KIYIQ/	CERT/CC, CVE
https://seclists.org/bugtraq/2019/Aug/24	CERT/CC, CVE	Mailing List Third Party Advisory
https://seclists.org/bugtraq/2019/Aug/31	CERT/CC, CVE	Mailing List Third Party Advisory
https://seclists.org/bugtraq/2019/Aug/43	CERT/CC, CVE	Mailing List Third Party Advisory
https://seclists.org/bugtraq/2019/Sep/18	CERT/CC, CVE	Mailing List Third Party Advisory
https://security.netapp.com/advisory/ntap-20190823-0001/	CERT/CC, CVE	Third Party Advisory
https://security.netapp.com/advisory/ntap-20190823-0004/	CERT/CC, CVE	Third Party Advisory
https://security.netapp.com/advisory/ntap-20190823-0005/	CERT/CC, CVE	Third Party Advisory
https://support.f5.com/csp/article/K98053339	CERT/CC, CVE	Third Party Advisory
https://support.f5.com/csp/article/K98053339?utm_source=f5support&amp%3Butm_medium=RSS	CERT/CC, CVE
https://usn.ubuntu.com/4308-1/	CERT/CC, CVE	Third Party Advisory
https://www.debian.org/security/2019/dsa-4503	CERT/CC, CVE	Third Party Advisory
https://www.debian.org/security/2019/dsa-4508	CERT/CC, CVE	Third Party Advisory
https://www.debian.org/security/2019/dsa-4520	CERT/CC, CVE	Third Party Advisory
https://www.synology.com/security/advisory/Synology_SA_19_33	CERT/CC, CVE	Third Party Advisory

Weakness Enumeration

CWE-ID	CWE Name	Source
CWE-400	Uncontrolled Resource Consumption	👁 cwe source acceptance level NIST CERT/CC

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

53 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2019-9512
NVD Published Date:
08/13/2019
NVD Last Modified:
06/16/2026
Source:
CERT/CC

URL: https://nvd.nist.gov/vuln/detail/CVE-2019-9512

⇱ NVD - CVE-2019-9512

CVE-2019-9512 Detail

Description

Metrics

References to Advisories, Solutions, and Tools

Weakness Enumeration

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Change History

CVE Modified by CERT/CC 6/16/2026 10:43:51 PM

CVE Modified by CVE 11/20/2024 11:51:46 PM

CVE Modified by CERT/CC 5/14/2024 2:10:50 AM

CVE Modified by CERT/CC 11/06/2023 10:13:41 PM

Modified Analysis by NIST 8/12/2022 2:41:19 PM

CVE Modified by CERT/CC 12/08/2020 7:15:12 PM

CVE Modified by CERT/CC 3/30/2020 6:15:14 PM

CVE Modified by CERT/CC 3/11/2020 6:29:02 PM

CVE Modified by CERT/CC 2/04/2020 7:15:13 PM

CVE Modified by CERT/CC 12/19/2019 5:15:15 PM

CVE Modified by CERT/CC 12/17/2019 9:15:19 AM

CVE Modified by CERT/CC 12/02/2019 4:15:17 PM

CVE Modified by CERT/CC 11/26/2019 6:15:12 PM

CVE Modified by CERT/CC 11/18/2019 4:15:12 PM

CVE Modified by CERT/CC 11/14/2019 7:15:12 PM

CVE Modified by CERT/CC 10/30/2019 7:15:10 PM

CVE Modified by CERT/CC 10/29/2019 5:15:11 PM

CVE Modified by CERT/CC 10/24/2019 7:15:14 PM

CVE Modified by CERT/CC 10/16/2019 2:15:37 PM

CVE Modified by CERT/CC 10/09/2019 4:15:32 PM

CVE Modified by CERT/CC 10/03/2019 7:15:12 PM

CVE Modified by CERT/CC 10/02/2019 1:15:12 PM

CVE Modified by CERT/CC 9/30/2019 10:15:14 PM

CVE Modified by CERT/CC 9/30/2019 6:15:10 AM

CVE Modified by CERT/CC 9/26/2019 4:15:11 PM

CVE Modified by CERT/CC 9/19/2019 1:15:13 AM

CVE Modified by CERT/CC 9/14/2019 2:15:11 PM

CVE Modified by CERT/CC 9/12/2019 6:15:11 PM

CVE Modified by CERT/CC 9/11/2019 3:15:12 PM

CVE Modified by CERT/CC 9/11/2019 5:15:11 AM

CVE Modified by CERT/CC 9/10/2019 8:15:11 PM

CVE Modified by CERT/CC 9/10/2019 3:15:10 PM

CVE Modified by CERT/CC 9/10/2019 2:15:13 PM

CVE Modified by CERT/CC 9/10/2019 7:15:11 AM

CVE Modified by CERT/CC 9/10/2019 2:15:10 AM

CVE Modified by CERT/CC 9/07/2019 5:15:10 PM

CVE Modified by CERT/CC 9/06/2019 11:15:13 AM

CVE Modified by CERT/CC 9/05/2019 11:15:14 AM

CVE Modified by CERT/CC 9/02/2019 2:15:11 PM

CVE Modified by CERT/CC 8/26/2019 11:15:13 AM

CVE Modified by CERT/CC 8/26/2019 4:15:10 AM

CVE Modified by CERT/CC 8/25/2019 1:15:11 AM

CVE Modified by CERT/CC 8/24/2019 11:15:10 PM

CVE Modified by CERT/CC 8/24/2019 2:15:10 PM

CVE Modified by CERT/CC 8/23/2019 5:15:12 PM

Initial Analysis by NIST 8/23/2019 9:47:30 AM

CVE Modified by CERT/CC 8/20/2019 5:15:10 AM

CVE Modified by CERT/CC 8/20/2019 1:15:10 AM

CVE Modified by CERT/CC 8/19/2019 7:15:16 AM

CVE Modified by CERT/CC 8/18/2019 1:15:17 AM

CVE Modified by CERT/CC 8/16/2019 4:15:11 PM

CVE Modified by CERT/CC 8/14/2019 8:15:13 AM

CVE Modified by CERT/CC 8/13/2019 6:15:12 PM

Quick Info