cve/CVE-2019-9513.md at 9ac4b787af2fa0b7575b28040edee6199ce9a667

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 09:12:08 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.

POC

Reference

https://kb.cert.org/vuls/id/605641/
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpuoct2020.html

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/flyniu666/ingress-nginx-0.21-1.19.5
https://github.com/rmtec/modeswitcher
https://github.com/vshaliii/DC-4-Vulnhub-Walkthrough

1.0 KiB Raw Blame History

CVE-2019-9513

Description

POC

Reference

Github

1.0 KiB

Raw Blame History