CVE-2019-9512

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2019-9512
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-9512.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2019-9512
Aliases
Downstream
Related
Published
2019-08-13T21:15:12.287Z
Modified
2026-03-15T22:30:25.584894Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.

References

Affected packages

Git / github.com/apache/trafficserver

Affected ranges

Type
GIT
Repo
https://github.com/apache/trafficserver
Events
Introduced
27f8e2cda9133864e6ffae0224c799fde5f10290
Last affected
eaed59510bda6f1d27854d9d3f07aace2afffc16
Introduced
6c1c6cf20e7d0e287d697a0f4181436013d17c30
Last affected
e249f4a2c70ead73b281948459eb6369b3cbfaa4
Introduced
b310e3566f58dd04ec2b15b111ec86ea70e20019
Last affected
e92757040355baa6edc8896564e2e49d5232e149
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
3fa146678bc6a061722f4ea930998ae29ad70de3
Database specific 
{
    "versions": [
        {
            "introduced": "6.0.0"
        },
        {
            "last_affected": "6.2.3"
        },
        {
            "introduced": "7.0.0"
        },
        {
            "last_affected": "7.1.6"
        },
        {
            "introduced": "8.0.0"
        },
        {
            "last_affected": "8.0.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "10.0"
        }
    ]
}
Type
GIT
Repo
https://github.com/apple/swift-nio
Events
Introduced
4fb0cc68fee45d2ae714484b5979316943ef1f24
Last affected
d94ab56d58c8559ebe5d65cc35510f40f6cc2932
Database specific 
{
    "versions": [
        {
            "introduced": "1.0.0"
        },
        {
            "last_affected": "1.4.0"
        }
    ]
}
Type
GIT
Repo
https://github.com/nodejs/node
Events
Introduced
0d8021e5a4cf0a6aa3a700a361f6d42c2894f2ba
Last affected
dc6bbb44daec5584a0fbd37f0916baeff3202dba
Introduced
f76ce0a75641991bfc235775a4747c978e0e281b
Fixed
5744b466c45d5324c60f122b02681813d4496749
Introduced
cf41627411886000429bde058a6594fb7f6d6d47
Last affected
4a276cc2a960b3f9a138ac3a99c9249a63b4d472
Introduced
ab4af087e83d91a46354d765306d3543b1d85423
Fixed
75657ee41677d56a498e298b01d049aef5bf199f
Introduced
2f45ad8060e13d5ac912335096d21526f2f9602b
Fixed
787378879acfb212ed4ff824bf9f767a24a5cb43
Database specific 
{
    "versions": [
        {
            "introduced": "8.0.0"
        },
        {
            "last_affected": "8.8.1"
        },
        {
            "introduced": "8.9.0"
        },
        {
            "fixed": "8.16.1"
        },
        {
            "introduced": "10.0.0"
        },
        {
            "last_affected": "10.12.0"
        },
        {
            "introduced": "10.13.0"
        },
        {
            "fixed": "10.16.3"
        },
        {
            "introduced": "12.0.0"
        },
        {
            "fixed": "12.8.1"
        }
    ]
}

Affected versions

1.*
1.0.0
1.1.0
1.2.0
1.2.1
1.3.0
1.3.1
1.4.0
8.*
8.0.0
8.0.0-rc4
8.0.1
8.0.1-rc0
8.0.2
8.0.2-rc0
8.0.3
8.0.3-rc0
v10.*
v10.0.0
v10.1.0
v10.10.0
v10.11.0
v10.12.0
v10.13.0
v10.14.0
v10.14.1
v10.14.2
v10.15.0
v10.15.1
v10.15.2
v10.15.3
v10.16.0
v10.16.1
v10.16.2
v10.2.0
v10.2.1
v10.3.0
v10.4.0
v10.4.1
v10.5.0
v10.6.0
v10.7.0
v10.8.0
v10.9.0
v8.*
v8.0.0
v8.1.0
v8.1.1
v8.1.2
v8.1.3
v8.1.4
v8.10.0
v8.11.0
v8.11.1
v8.11.2
v8.11.3
v8.11.4
v8.12.0
v8.13.0
v8.14.0
v8.14.1
v8.15.0
v8.15.1
v8.16.0
v8.2.0
v8.2.1
v8.3.0
v8.4.0
v8.5.0
v8.6.0
v8.7.0
v8.8.0
v8.8.1
v8.9.0
v8.9.1
v8.9.2
v8.9.3
v8.9.4

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-9512.json"