CVE-2019-9514

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 13, 2019

Updated: Jan 14, 2025

CWE ID 400

CWE ID 770

Summary

CVE-2019-9514 is a denial-of-service vulnerability affecting certain HTTP/2 implementations. An attacker can exploit this flaw by opening multiple streams and sending invalid requests, resulting in a flood of RST_STREAM frames. Depending on how the target handles these frames, it could experience excessive memory or CPU usage, leading to a denial of service. HTTP/2 servers that do not properly manage RST_STREAM frames are susceptible to this attack.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

F5 LTM
Nodejs Node.js
McAfee Web Gateway
Apache Traffic Server
Debian

Affected Vendors

Debian
Red Hat
Fedora Project
F5
Apache Software Foundation

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Stimmen aus Moskau: Russian Influence Operations Target German Elections

2024 Malicious Infrastructure Report

2024 Annual Report

Know What Matters

For Customers

For Partners