Vulnerabilities in HTTP/2 Implementations Could Lead to DoS

Several vulnerabilities were identified that affect HTTP/2 implementations. Exploitation of these vulnerabilities (CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518) could cause excessive system resource consumption and lead to a denial-of-service (DoS) condition. Vulnerability details and a list of affected products are provided in the CERT/CC Vulnerability Note. The NJCCIC recommends administrators install the latest updates from HTTP/2 implementers.

AdvisoryNJCCIChttp2