CVE-2019-9513 - log back

CVE-2019-9513 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ An issue has been found in several HTTP/2 implementations, where the attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU, potentially leading to a denial of service.
References
+ https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
+ https://github.com/nginx/nginx/commit/5ae726912654da10a9a81b2c8436829f3e94f69f
Notes