WEB APPLICATION VULNERABILITIES Standard & Premium

Apache Traffic Server Other Vulnerability (CVE-2019-9513)

Description

Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.

Remediation

References

Related Vulnerabilities

WordPress Plugin LifterLMS-WP LMS for eLearning, Online Courses, & Quizzes Security Bypass (3.34.5)

Internet Information Services Other Vulnerability (CVE-2001-0337)

WordPress Plugin VaultPress Remote Code Execution (1.9.0)

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1611)

WordPress Plugin Easy Digital Downloads-Simple eCommerce for Selling Digital Files Security Bypass (2.9.16)

Severity

High

Classification

CVE-2019-9513 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities