CVE-2019-9513 log

Severity Medium
Remote Yes
Type Denial of service
An issue has been found in several HTTP/2 implementations, where the attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU, potentially leading to a denial of service.
Group Package Affected Fixed Severity Status Ticket
AVG-1024 libnghttp2 1.39.1-1 1.39.2-1 Medium Fixed
AVG-1023 nginx 1.16.0-1 1.16.1-1 Medium Fixed
AVG-1022 nginx-mainline 1.17.2-1 1.17.3-1 Medium Fixed
Date Advisory Group Package Severity Type
27 Aug 2019 ASA-201908-17 AVG-1024 libnghttp2 Medium denial of service
16 Aug 2019 ASA-201908-13 AVG-1023 nginx Medium denial of service
16 Aug 2019 ASA-201908-12 AVG-1022 nginx-mainline Medium denial of service