[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

HTTP/2: flood using PING frames results in unbounded memory growth - CVE-2019-9512

ID: oval:org.secpod.oval:def:58203Date: (C)2019-10-10   (M)2023-12-07
Class: VULNERABILITYFamily: unix




Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.

Platform:
Red Hat Enterprise Linux 8
Product:
nodejs
Reference:
CVE-2019-9512
CVE    1
CVE-2019-9512
CPE    2
cpe:/o:redhat:enterprise_linux:8
cpe:/a:nodejs:nodejs

© SecPod Technologies