CVE-2019-9514 log

Source
Severity Medium
Remote Yes
Type Denial of service
Description
An issue has been found in several HTTP/2 implementations, where the attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both, potentially leading to a denial of service.
Group Package Affected Fixed Severity Status Ticket
AVG-1021 go 2:1.12.7-1 2:1.12.8-1 Medium Fixed
AVG-1020 go-pie 2:1.12.7-1 2:1.12.8-1 Medium Fixed
Date Advisory Group Package Severity Type
24 Aug 2019 ASA-201908-16 AVG-1020 go-pie Medium multiple issues
24 Aug 2019 ASA-201908-15 AVG-1021 go Medium multiple issues
References
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md