CVE-2019-9513
- Source
- https://cve.org/CVERecord?id=CVE-2019-9513
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-9513.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2019-9513
- Downstream
- Related
- Published
- 2019-08-13T21:15:12.380Z
- Modified
- 2026-04-02T02:08:15.400495Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.
- References
-
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TAZZEVTCN2B4WT6AIBJ7XGYJMBTORJU5/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JUBYAF6ED3O4XCHQ5C2HYENJLXYXZC4M/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/POPAEC4FWL4UU4LDEGPY5NPALU24FFQD/
- https://support.f5.com/csp/article/K02591030?utm_source=f5support&%3Butm_medium=RSS
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZLUYPYY3RX4ZJDWZRJIKSULYRJ4PXW7/
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00014.html
- https://access.redhat.com/errata/RHSA-2019:2939
- https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
- https://kc.mcafee.com/corporate/index?page=content&id=SB10296
- https://security.netapp.com/advisory/ntap-20190823-0005/
- https://www.oracle.com/security-alerts/cpuoct2020.html
- https://access.redhat.com/errata/RHSA-2019:2775
- https://access.redhat.com/errata/RHSA-2019:2955
- https://www.debian.org/security/2019/dsa-4511
- https://access.redhat.com/errata/RHSA-2019:3041
- https://access.redhat.com/errata/RHSA-2019:3933
- https://seclists.org/bugtraq/2019/Aug/40
- https://security.netapp.com/advisory/ntap-20190823-0002/
- https://access.redhat.com/errata/RHSA-2019:2745
- https://access.redhat.com/errata/RHSA-2019:2966
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00003.html
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00005.html
- https://access.redhat.com/errata/RHSA-2019:2925
- https://usn.ubuntu.com/4099-1/
- https://www.debian.org/security/2020/dsa-4669
- https://www.oracle.com/security-alerts/cpujan2021.html
- https://access.redhat.com/errata/RHSA-2019:2799
- https://access.redhat.com/errata/RHSA-2019:3935
- https://kb.cert.org/vuls/id/605641/
- https://www.synology.com/security/advisory/Synology_SA_19_33
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00035.html
- https://access.redhat.com/errata/RHSA-2019:2746
- https://access.redhat.com/errata/RHSA-2019:3932
- https://support.f5.com/csp/article/K02591030
- https://www.debian.org/security/2019/dsa-4505
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html
- https://access.redhat.com/errata/RHSA-2019:2692
- https://access.redhat.com/errata/RHSA-2019:2949
- https://seclists.org/bugtraq/2019/Sep/1
Affected packages
Git / github.com/apache/trafficserver
Affected ranges
- Type
- GIT
- Repo
- https://github.com/apache/trafficserver
- Events
-
IntroducedLast affectedIntroducedLast affectedIntroducedLast affected
- Database specific
{ "versions": [ { "introduced": "6.0.0" }, { "last_affected": "6.2.3" }, { "introduced": "7.0.0" }, { "last_affected": "7.1.6" }, { "introduced": "8.0.0" }, { "last_affected": "8.0.3" } ] }
- Type
- GIT
- Repo
- https://github.com/nginx/nginx
- Events
-
IntroducedLast affectedIntroducedFixedIntroducedLast affected
- Database specific
{ "versions": [ { "introduced": "1.0.0" }, { "last_affected": "1.4.0" }, { "introduced": "1.9.5" }, { "fixed": "1.16.1" }, { "introduced": "1.17.0" }, { "last_affected": "1.17.2" } ] }
- Type
- GIT
- Repo
- https://github.com/nodejs/node
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroducedFixedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroducedLast affectedIntroducedFixedIntroducedLast affectedIntroducedFixedIntroducedFixed
- Database specific
{ "versions": [ { "introduced": "0" }, { "last_affected": "9.0" }, { "introduced": "0" }, { "last_affected": "10.0" }, { "introduced": "0" }, { "last_affected": "6.2" }, { "introduced": "0" }, { "last_affected": "9.0" }, { "introduced": "0" }, { "last_affected": "10.0" }, { "introduced": "0" }, { "last_affected": "15.0" }, { "introduced": "0" }, { "last_affected": "15.1" }, { "introduced": "0" }, { "last_affected": "1.0" }, { "introduced": "0" }, { "last_affected": "7.2.0" }, { "introduced": "0" }, { "last_affected": "7.3.0" }, { "introduced": "0" }, { "last_affected": "1.0" }, { "introduced": "0" }, { "last_affected": "3.0.0" }, { "introduced": "0" }, { "last_affected": "1.0" }, { "introduced": "0" }, { "last_affected": "8.0" }, { "introduced": "0" }, { "last_affected": "19.2.0" }, { "introduced": "8.1.0" }, { "fixed": "8.2.0" }, { "introduced": "0" }, { "last_affected": "3.1.0" }, { "introduced": "0" }, { "last_affected": "3.2.0" }, { "introduced": "8.0.0" }, { "last_affected": "8.8.1" }, { "introduced": "8.9.0" }, { "fixed": "8.16.1" }, { "introduced": "10.0.0" }, { "last_affected": "10.12.0" }, { "introduced": "10.13.0" }, { "fixed": "10.16.3" }, { "introduced": "12.0.0" }, { "fixed": "12.8.1" } ] }
Affected versions
6.*
6.0.0
6.0.0-rc3
6.0.1-rc0
6.0.1-rc1
7.*
7.0.0
8.*
8.0.0
8.0.0-rc4
8.0.1
8.0.1-rc0
8.0.2
8.0.2-rc0
8.0.3
8.0.3-rc0
release-1.*
release-1.0.0
release-1.0.1
release-1.0.10
release-1.0.11
release-1.0.12
release-1.0.13
release-1.0.14
release-1.0.15
release-1.0.2
release-1.0.3
release-1.0.4
release-1.0.5
release-1.0.6
release-1.0.7
release-1.0.8
release-1.0.9
release-1.1.0
release-1.1.1
release-1.1.10
release-1.1.11
release-1.1.12
release-1.1.13
release-1.1.14
release-1.1.15
release-1.1.16
release-1.1.17
release-1.1.18
release-1.1.19
release-1.1.2
release-1.1.3
release-1.1.4
release-1.1.5
release-1.1.6
release-1.1.7
release-1.1.8
release-1.1.9
release-1.10.0
release-1.10.1
release-1.10.2
release-1.10.3
release-1.11.0
release-1.11.1
release-1.11.10
release-1.11.11
release-1.11.12
release-1.11.13
release-1.11.2
release-1.11.3
release-1.11.4
release-1.11.5
release-1.11.6
release-1.11.7
release-1.11.8
release-1.11.9
release-1.12.0
release-1.12.1
release-1.12.2
release-1.13.0
release-1.13.1
release-1.13.10
release-1.13.11
release-1.13.12
release-1.13.2
release-1.13.3
release-1.13.4
release-1.13.5
release-1.13.6
release-1.13.7
release-1.13.8
release-1.13.9
release-1.14.0
release-1.14.1
release-1.14.2
release-1.15.0
release-1.15.1
release-1.15.10
release-1.15.11
release-1.15.12
release-1.15.2
release-1.15.3
release-1.15.4
release-1.15.5
release-1.15.6
release-1.15.7
release-1.15.8
release-1.15.9
release-1.16.0
release-1.17.0
release-1.17.1
release-1.17.2
release-1.2.0
release-1.2.2
release-1.2.3
release-1.2.4
release-1.2.5
release-1.2.6
release-1.2.7
release-1.2.8
release-1.2.9
release-1.3.0
release-1.3.1
release-1.3.10
release-1.3.11
release-1.3.12
release-1.3.13
release-1.3.14
release-1.3.15
release-1.3.16
release-1.3.2
release-1.3.3
release-1.3.4
release-1.3.5
release-1.3.6
release-1.3.7
release-1.3.8
release-1.3.9
release-1.4.0
release-1.9.10
release-1.9.11
release-1.9.12
release-1.9.13
release-1.9.14
release-1.9.15
release-1.9.5
release-1.9.6
release-1.9.7
release-1.9.8
release-1.9.9
v0.*
v0.0.1
v0.0.2
v0.0.3
v0.0.4
v0.0.5
v0.0.6
v0.1.0
v0.1.1
v0.1.10
v0.1.100
v0.1.101
v0.1.102
v0.1.103
v0.1.104
v0.1.11
v0.1.12
v0.1.13
v0.1.14
v0.1.15
v0.1.16
v0.1.17
v0.1.18
v0.1.19
v0.1.2
v0.1.20
v0.1.21
v0.1.22
v0.1.23
v0.1.24
v0.1.25
v0.1.26
v0.1.27
v0.1.28
v0.1.29
v0.1.3
v0.1.30
v0.1.31
v0.1.32
v0.1.33
v0.1.4
v0.1.5
v0.1.6
v0.1.7
v0.1.8
v0.1.9
v0.1.90
v0.1.91
v0.1.92
v0.1.93
v0.1.94
v0.1.95
v0.1.96
v0.1.97
v0.1.98
v0.1.99
v0.10.0
v0.10.1
v0.10.10
v0.10.11
v0.10.12
v0.10.13
v0.10.14
v0.10.15
v0.10.16
v0.10.17
v0.10.18
v0.10.19
v0.10.2
v0.10.20
v0.10.21
v0.10.22
v0.10.23
v0.10.24
v0.10.25
v0.10.26
v0.10.27
v0.10.28
v0.10.29
v0.10.3
v0.10.30
v0.10.31
v0.10.32
v0.10.33
v0.10.34
v0.10.35
v0.10.36
v0.10.37
v0.10.38
v0.10.39
v0.10.4
v0.10.40
v0.10.41
v0.10.41-rc.1
v0.10.42
v0.10.43
v0.10.44
v0.10.45
v0.10.46
v0.10.47
v0.10.48
v0.10.5
v0.10.6
v0.10.7
v0.10.8
v0.10.9
v0.11.0
v0.11.1
v0.11.10
v0.11.11
v0.11.12
v0.11.13
v0.11.14
v0.11.15
v0.11.16
v0.11.2
v0.11.3
v0.11.4
v0.11.5
v0.11.6
v0.11.7
v0.11.8
v0.11.9
v0.12.0
v0.12.1
v0.12.10
v0.12.11
v0.12.12
v0.12.13
v0.12.14
v0.12.15
v0.12.16
v0.12.17
v0.12.18
v0.12.2
v0.12.3
v0.12.4
v0.12.5
v0.12.6
v0.12.7
v0.12.8
v0.12.8-rc.1
v0.12.9
v0.2.0
v0.2.1
v0.2.2
v0.2.3
v0.2.4
v0.2.5
v0.2.6
v0.3.0
v0.3.1
v0.3.2
v0.3.3
v0.3.4
v0.3.5
v0.3.6
v0.3.7
v0.3.8
v0.4.0
v0.4.1
v0.4.10
v0.4.11
v0.4.12
v0.4.2
v0.4.3
v0.4.4
v0.4.5
v0.4.6
v0.4.7
v0.4.8
v0.4.9
v0.5.0
v0.5.1
v0.5.10
v0.5.2
v0.5.3
v0.5.4
v0.5.5
v0.5.5-rc1
v0.5.6
v0.5.7
v0.5.8
v0.5.9
v0.6.0
v0.6.1
v0.6.10
v0.6.11
v0.6.12
v0.6.13
v0.6.14
v0.6.15
v0.6.16
v0.6.17
v0.6.18
v0.6.19
v0.6.2
v0.6.20
v0.6.21
v0.6.3
v0.6.4
v0.6.5
v0.6.6
v0.6.7
v0.6.8
v0.6.9
v0.7.0
v0.7.1
v0.7.10
v0.7.10-fixed
v0.7.11
v0.7.12
v0.7.2
v0.7.3
v0.7.4
v0.7.5
v0.7.6
v0.7.7
v0.7.8
v0.7.9
v0.8.0
v0.8.1
v0.8.10
v0.8.11
v0.8.12
v0.8.13
v0.8.14
v0.8.15
v0.8.16
v0.8.17
v0.8.18
v0.8.19
v0.8.2
v0.8.20
v0.8.21
v0.8.22
v0.8.23
v0.8.24
v0.8.25
v0.8.26
v0.8.27
v0.8.28
v0.8.3
v0.8.4
v0.8.5
v0.8.6
v0.8.7
v0.8.8
v0.8.9
v0.9.0
v0.9.1
v0.9.10
v0.9.11
v0.9.12
v0.9.2
v0.9.3
v0.9.4
v0.9.5
v0.9.6
v0.9.7
v0.9.8
v0.9.9
v1.*
v1.0.0
v1.0.0-release
v10.*
v10.0.0
v10.13.0
v10.14.0
v10.14.1
v10.14.2
v10.15.0
v10.15.1
v10.15.2
v10.15.3
v10.16.0
v10.16.1
v10.16.2
v12.*
v12.0.0
v12.1.0
v12.2.0
v12.3.0
v12.3.1
v12.4.0
v12.5.0
v12.6.0
v12.7.0
v12.8.0
v8.*
v8.0.0
v8.1.0
v8.1.1
v8.1.2
v8.1.3
v8.1.4
v8.10.0
v8.11.0
v8.11.1
v8.11.2
v8.11.3
v8.11.4
v8.12.0
v8.13.0
v8.14.0
v8.14.1
v8.15.0
v8.15.1
v8.16.0
v8.9.0
v8.9.1
v8.9.2
v8.9.3
v8.9.4
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "18.04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "19.04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "30"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "29"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "30"
}
]
},
{
"events": [
{
"introduced": "7.7.2.0"
},
{
"fixed": "7.7.2.24"
}
]
},
{
"events": [
{
"introduced": "7.8.2.0"
},
{
"fixed": "7.8.2.13"
}
]
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-9513.json"