Details of VAR-201908-0422

ID

VAR-201908-0422

CVE

CVE-2019-9512

TITLE

HTTP/2 implementations do not robustly handle abnormal traffic and resource exhaustion

Trust: 0.8

sources: CERT/CC: VU#605641

DESCRIPTION

Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. Multiple HTTP/2 implementations are vulnerable to a variety of denial-of-service (DoS) attacks. Apple SwiftNI , Apache Traffic Server , Debian GNU/Linux Used in HTTP/2 Contains a resource exhaustion vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. HTTP/2 is the second version of the hypertext transfer protocol, which is mainly used to ensure the communication between the client and the server. A resource management error vulnerability exists in HTTP/2. An attacker could exploit this vulnerability to cause a denial of service. Description: Skydive is an open source real-time network topology and protocols analyzer. Bugs fixed (https://bugzilla.redhat.com/): 1649870 - CVE-2019-14820 keycloak: adapter endpoints are exposed via arbitrary URLs 1690628 - CVE-2019-3875 keycloak: missing signatures validation on CRL used to verify client certificates 1728609 - CVE-2019-10201 keycloak: SAML broker does not check existence of signature on document allowing any user impersonation 1729261 - CVE-2019-10199 keycloak: CSRF check missing in My Resources functionality in the Account Console 1735645 - CVE-2019-9512 HTTP/2: flood using PING frames results in unbounded memory growth 1735744 - CVE-2019-9514 HTTP/2: flood using HEADERS frames results in unbounded memory growth 1735745 - CVE-2019-9515 HTTP/2: flood using SETTINGS frames results in unbounded memory growth 1738673 - CVE-2019-10219 hibernate-validator: safeHTML validator allows XSS 1741860 - CVE-2019-9511 HTTP/2: large amount of data requests leads to denial of service 1749487 - CVE-2019-14832 keycloak: cross-realm user access auth bypass 1751227 - CVE-2019-14838 wildfly-core: Incorrect privileges for 'Monitor', 'Auditor' and 'Deployer' user by default 1755831 - CVE-2019-16335 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource 1755849 - CVE-2019-14540 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig 1758167 - CVE-2019-17267 jackson-databind: Serialization gadgets in classes of the ehcache package 1758171 - CVE-2019-14892 jackson-databind: Serialization gadgets in classes of the commons-configuration package 1758182 - CVE-2019-14893 jackson-databind: Serialization gadgets in classes of the xalan package 1758187 - CVE-2019-16942 jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.* 1758191 - CVE-2019-16943 jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource 1764607 - CVE-2019-0210 thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol 1764612 - CVE-2019-0205 thrift: Endless loop when feed with specific input data 1764658 - CVE-2019-12400 xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source 1767483 - CVE-2019-10086 apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default 1772008 - CVE-2019-14887 wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use 1772464 - CVE-2019-14888 undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS 1775293 - CVE-2019-17531 jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.* 1793154 - CVE-2019-20330 jackson-databind: lacks certain net.sf.ehcache blocking 1796225 - CVE-2020-7238 netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling 1802444 - CVE-2020-1729 SmallRye: SecuritySupport class is incorrectly public and contains a static method to access the current threads context class loader 1815470 - CVE-2020-10673 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution 1815495 - CVE-2020-10672 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution 1816170 - CVE-2019-12406 cxf: does not restrict the number of message attachments 1816175 - CVE-2019-12419 cxf: OpenId Connect token service does not properly validate the clientId 1816330 - CVE-2020-8840 jackson-databind: Lacks certain xbean-reflect/JNDI blocking 1816332 - CVE-2020-9546 jackson-databind: Serialization gadgets in shaded-hikari-config 1816337 - CVE-2020-9547 jackson-databind: Serialization gadgets in ibatis-sqlmap 1816340 - CVE-2020-9548 jackson-databind: Serialization gadgets in anteros-core 1819208 - CVE-2020-10968 jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider 1819212 - CVE-2020-10969 jackson-databind: Serialization gadgets in javax.swing.JEditorPane 1821304 - CVE-2020-11111 jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory 1821311 - CVE-2020-11112 jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider 1821315 - CVE-2020-11113 jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime 1826798 - CVE-2020-11620 jackson-databind: Serialization gadgets in commons-jelly:commons-jelly 1826805 - CVE-2020-11619 jackson-databind: Serialization gadgets in org.springframework:spring-aop 5. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Installation instructions are available from the Fuse 7.5.0 product documentation page: https://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/ 4. Description: Both the openshift and atomic-enterprise-service-catalog packages have been rebuilt with updates versions of golang. Solution: For OpenShift Container Platform 4.1 see the following documentation, which will be updated shortly for release 4.1.14, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-rel ease-notes.html Details on how to access this content are available at https://docs.openshift.com/container-platform/4.1/updating/updating-cluster - -cli.html. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: go-toolset-1.11 and go-toolset-1.11-golang security update Advisory ID: RHSA-2019:2682-01 Product: Red Hat Developer Tools Advisory URL: https://access.redhat.com/errata/RHSA-2019:2682 Issue date: 2019-09-09 CVE Names: CVE-2019-9512 CVE-2019-9514 ==================================================================== 1. Summary: An update for go-toolset-1.11 and go-toolset-1.11-golang is now available for Red Hat Developer Tools. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 3. Description: Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): * HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) * HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1735645 - CVE-2019-9512 HTTP/2: flood using PING frames results in unbounded memory growth 1735744 - CVE-2019-9514 HTTP/2: flood using HEADERS frames results in unbounded memory growth 6. Package List: Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7): Source: go-toolset-1.11-1.11.13-1.el7.src.rpm go-toolset-1.11-golang-1.11.13-2.el7.src.rpm aarch64: go-toolset-1.11-1.11.13-1.el7.aarch64.rpm go-toolset-1.11-build-1.11.13-1.el7.aarch64.rpm go-toolset-1.11-golang-1.11.13-2.el7.aarch64.rpm go-toolset-1.11-golang-bin-1.11.13-2.el7.aarch64.rpm go-toolset-1.11-golang-misc-1.11.13-2.el7.aarch64.rpm go-toolset-1.11-golang-src-1.11.13-2.el7.aarch64.rpm go-toolset-1.11-golang-tests-1.11.13-2.el7.aarch64.rpm go-toolset-1.11-runtime-1.11.13-1.el7.aarch64.rpm go-toolset-1.11-scldevel-1.11.13-1.el7.aarch64.rpm noarch: go-toolset-1.11-golang-docs-1.11.13-2.el7.noarch.rpm ppc64le: go-toolset-1.11-1.11.13-1.el7.ppc64le.rpm go-toolset-1.11-build-1.11.13-1.el7.ppc64le.rpm go-toolset-1.11-golang-1.11.13-2.el7.ppc64le.rpm go-toolset-1.11-golang-bin-1.11.13-2.el7.ppc64le.rpm go-toolset-1.11-golang-misc-1.11.13-2.el7.ppc64le.rpm go-toolset-1.11-golang-src-1.11.13-2.el7.ppc64le.rpm go-toolset-1.11-golang-tests-1.11.13-2.el7.ppc64le.rpm go-toolset-1.11-runtime-1.11.13-1.el7.ppc64le.rpm go-toolset-1.11-scldevel-1.11.13-1.el7.ppc64le.rpm s390x: go-toolset-1.11-1.11.13-1.el7.s390x.rpm go-toolset-1.11-build-1.11.13-1.el7.s390x.rpm go-toolset-1.11-golang-1.11.13-2.el7.s390x.rpm go-toolset-1.11-golang-bin-1.11.13-2.el7.s390x.rpm go-toolset-1.11-golang-misc-1.11.13-2.el7.s390x.rpm go-toolset-1.11-golang-src-1.11.13-2.el7.s390x.rpm go-toolset-1.11-golang-tests-1.11.13-2.el7.s390x.rpm go-toolset-1.11-runtime-1.11.13-1.el7.s390x.rpm go-toolset-1.11-scldevel-1.11.13-1.el7.s390x.rpm Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7): Source: go-toolset-1.11-1.11.13-1.el7.src.rpm go-toolset-1.11-golang-1.11.13-2.el7.src.rpm noarch: go-toolset-1.11-golang-docs-1.11.13-2.el7.noarch.rpm ppc64le: go-toolset-1.11-1.11.13-1.el7.ppc64le.rpm go-toolset-1.11-build-1.11.13-1.el7.ppc64le.rpm go-toolset-1.11-golang-1.11.13-2.el7.ppc64le.rpm go-toolset-1.11-golang-bin-1.11.13-2.el7.ppc64le.rpm go-toolset-1.11-golang-misc-1.11.13-2.el7.ppc64le.rpm go-toolset-1.11-golang-src-1.11.13-2.el7.ppc64le.rpm go-toolset-1.11-golang-tests-1.11.13-2.el7.ppc64le.rpm go-toolset-1.11-runtime-1.11.13-1.el7.ppc64le.rpm go-toolset-1.11-scldevel-1.11.13-1.el7.ppc64le.rpm s390x: go-toolset-1.11-1.11.13-1.el7.s390x.rpm go-toolset-1.11-build-1.11.13-1.el7.s390x.rpm go-toolset-1.11-golang-1.11.13-2.el7.s390x.rpm go-toolset-1.11-golang-bin-1.11.13-2.el7.s390x.rpm go-toolset-1.11-golang-misc-1.11.13-2.el7.s390x.rpm go-toolset-1.11-golang-src-1.11.13-2.el7.s390x.rpm go-toolset-1.11-golang-tests-1.11.13-2.el7.s390x.rpm go-toolset-1.11-runtime-1.11.13-1.el7.s390x.rpm go-toolset-1.11-scldevel-1.11.13-1.el7.s390x.rpm x86_64: go-toolset-1.11-1.11.13-1.el7.x86_64.rpm go-toolset-1.11-build-1.11.13-1.el7.x86_64.rpm go-toolset-1.11-golang-1.11.13-2.el7.x86_64.rpm go-toolset-1.11-golang-bin-1.11.13-2.el7.x86_64.rpm go-toolset-1.11-golang-misc-1.11.13-2.el7.x86_64.rpm go-toolset-1.11-golang-race-1.11.13-2.el7.x86_64.rpm go-toolset-1.11-golang-src-1.11.13-2.el7.x86_64.rpm go-toolset-1.11-golang-tests-1.11.13-2.el7.x86_64.rpm go-toolset-1.11-runtime-1.11.13-1.el7.x86_64.rpm go-toolset-1.11-scldevel-1.11.13-1.el7.x86_64.rpm Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7): Source: go-toolset-1.11-1.11.13-1.el7.src.rpm go-toolset-1.11-golang-1.11.13-2.el7.src.rpm noarch: go-toolset-1.11-golang-docs-1.11.13-2.el7.noarch.rpm x86_64: go-toolset-1.11-1.11.13-1.el7.x86_64.rpm go-toolset-1.11-build-1.11.13-1.el7.x86_64.rpm go-toolset-1.11-golang-1.11.13-2.el7.x86_64.rpm go-toolset-1.11-golang-bin-1.11.13-2.el7.x86_64.rpm go-toolset-1.11-golang-misc-1.11.13-2.el7.x86_64.rpm go-toolset-1.11-golang-race-1.11.13-2.el7.x86_64.rpm go-toolset-1.11-golang-src-1.11.13-2.el7.x86_64.rpm go-toolset-1.11-golang-tests-1.11.13-2.el7.x86_64.rpm go-toolset-1.11-runtime-1.11.13-1.el7.x86_64.rpm go-toolset-1.11-scldevel-1.11.13-1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-9512 https://access.redhat.com/security/cve/CVE-2019-9514 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXXYgFNzjgjWX9erEAQjAEw//d2v+3X3macsmJgZk38NoHYBM8RM+HBWy EAmC+soQw0qKBqjo2rS+u2g7wiIGM21Wq6qvynYeHMV45R6MnObUH34DSWOBjuio D3I+9Q0KM6PEOoLmsyxj4Zhz0VzoseYVmbg84PiJKvRmyQb8fbr+i5gROEGwthKb V+9v292OTCp2szalLfQX6S+Kmgf6ApT3HPJi9SgL/KkT2+U8hGQOkH8/am7ucQvO atdOY3fPcXq+q8ZHHJ4kiurHAaFZzDlj+kweZKajT4j0gNpZgrkKMce1Q6v94rIe rLeUqr0sCLgGQAw7hnrYFV+NDPpDgdYhnvIEEt83LrAs6i/DosrrCelo3Os4ovyE uqbpg7QJvANtPIbcd/UUw7mH2shObGda2emo+owRnjn/3PRBu3KNuvXx58kvDtDr PgpQctTNE3cF/Y8L3f97g1+w0bmHEUkFbofFQuuyk6fnryiS3yBGa6rQTjo8lXvt Bq2fpQD6gksix8MEAptINiayGeaeVmLNE8Elh3FBOP5f8f22iCZDuKZtpht+85dp MFGtVp0g8o2Z2SD50z4hu07wr3+b3KaQEO1ufgOoOGr2AV0Ra+kZcM5sElnxZWR0 cG2O9nB4vzS5IdnngA2z1aJegDG5Ct1b1coJ0GQtkjxkJBOd2/PZIGxS8mC3+KKg eG36iIntDuQ=phhS -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Description: Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. JIRA issues fixed (https://issues.jboss.org/): KEYCLOAK-11792 - keycloak-spring-boot-2-adapter is missing from Red Hat maven and incremental client adapter zip 6. Description: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. See the Red Hat JBoss Enterprise Application Platform 7.2.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Solution: Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications. JIRA issues fixed (https://issues.jboss.org/): JBEAP-17075 - (7.2.z) Upgrade yasson from 1.0.2.redhat-00001 to 1.0.5 JBEAP-17220 - (7.2.x) HHH-13504 Upgrade ByteBuddy to 1.9.11 JBEAP-17365 - [GSS](7.2.z) Upgrade RESTEasy from 3.6.1.SP6 to 3.6.1.SP7 JBEAP-17476 - [GSS](7.2.z) Upgrade Generic JMS RA 2.0.2.Final JBEAP-17478 - [GSS](7.2.z) Upgrade JBoss Remoting from 5.0.14.SP1 to 5.0.16.Final JBEAP-17483 - [GSS](7.2.z) Upgrade Apache CXF from 3.2.9 to 3.2.10 JBEAP-17495 - (7.2.z) Upgrade PicketLink from 2.5.5.SP12-redhat-00007 to 2.5.5.SP12-redhat-00009 JBEAP-17496 - (7.2.z) Upgrade PicketLink bindings from 2.5.5.SP12-redhat-00007 to 2.5.5.SP12-redhat-00009 JBEAP-17513 - [GSS](7.2.z) Upgrade Hibernate ORM from 5.3.11.SP1 to 5.3.13 JBEAP-17521 - (7.2.z) Upgrade picketbox from 5.0.3.Final-redhat-00004 to 5.0.3.Final-redhat-00005 JBEAP-17523 - [GSS](7.2.z) Upgrade wildfly-core from 6.0.16 to 6.0.17 JBEAP-17547 - [GSS](7.2.z) Upgrade Elytron-Tool from 1.4.3 to 1.4.4.Final JBEAP-17548 - [GSS](7.2.z) Upgrade Elytron from 1.6.4.Final-redhat-00001 to 1.6.5.Final-redhat-00001 JBEAP-17560 - [GSS](7.2.z) Upgrade HAL from 3.0.16 to 3.0.17 JBEAP-17579 - [GSS](7.2.z) Upgrade JBoss MSC from 1.4.8 to 1.4.11 JBEAP-17582 - [GSS](7.2.z) Upgrade JSF based on Mojarra 2.3.5.SP3-redhat-00002 to 2.3.5.SP3-redhat-00003 JBEAP-17604 - Tracker bug for the EAP 7.2.5 release for RHEL-7 JBEAP-17631 - [GSS](7.2.z) Upgrade Undertow from 2.0.25.SP1 to 2.0.26.SP3 JBEAP-17647 - [GSS](7.2.z) Upgrade IronJacamar from 1.4.17.Final to 1.4.18.Final JBEAP-17665 - [GSS](7.2.z) Upgrade XNIO from 3.7.3.Final-redhat-00001 to 3.7.6.Final JBEAP-17722 - [GSS](7.2.z) Upgrade wildfly-http-client from 1.0.15.Final-redhat-00001 to 1.0.17.Final JBEAP-17874 - (7.2.z) Upgrade to wildfly-openssl 1.0.8 JBEAP-17880 - (7.2.z) Upgrade XNIO from 3.7.6.Final-redhat-00001 to 3.7.6.SP1 7. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. For further information, refer to the release notes linked to in the References section. The References section of this erratum contains a download link (you must log in to download the update)

Trust: 3.33

sources: NVD: CVE-2019-9512 // CERT/CC: VU#605641 // JVNDB: JVNDB-2019-008112 // VULHUB: VHN-160947 // PACKETSTORM: 154638 // PACKETSTORM: 154525 // PACKETSTORM: 157741 // PACKETSTORM: 155352 // PACKETSTORM: 154444 // PACKETSTORM: 154396 // PACKETSTORM: 155520 // PACKETSTORM: 155484 // PACKETSTORM: 155705 // PACKETSTORM: 156852

AFFECTED PRODUCTS

vendor:	apache	model:	traffic server	scope:	lte	version:	6.2.3	Trust: 1.0
vendor:	apache	model:	traffic server	scope:	gte	version:	6.0.0	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	10.0	Trust: 1.0
vendor:	nodejs	model:	node.js	scope:	gte	version:	8.0.0	Trust: 1.0
vendor:	nodejs	model:	node.js	scope:	gte	version:	10.0.0	Trust: 1.0
vendor:	apache	model:	traffic server	scope:	gte	version:	7.0.0	Trust: 1.0
vendor:	nodejs	model:	node.js	scope:	lt	version:	8.16.1	Trust: 1.0
vendor:	apple	model:	swiftnio	scope:	lte	version:	1.4.0	Trust: 1.0
vendor:	nodejs	model:	node.js	scope:	lte	version:	8.8.1	Trust: 1.0
vendor:	nodejs	model:	node.js	scope:	gte	version:	12.0.0	Trust: 1.0
vendor:	nodejs	model:	node.js	scope:	lte	version:	10.12.0	Trust: 1.0
vendor:	apache	model:	traffic server	scope:	lte	version:	7.1.6	Trust: 1.0
vendor:	nodejs	model:	node.js	scope:	lt	version:	12.8.1	Trust: 1.0
vendor:	apache	model:	traffic server	scope:	gte	version:	8.0.0	Trust: 1.0
vendor:	apache	model:	traffic server	scope:	lte	version:	8.0.3	Trust: 1.0
vendor:	nodejs	model:	node.js	scope:	lt	version:	10.16.3	Trust: 1.0
vendor:	nodejs	model:	node.js	scope:	gte	version:	10.13.0	Trust: 1.0
vendor:	apple	model:	swiftnio	scope:	gte	version:	1.0.0	Trust: 1.0
vendor:	nodejs	model:	node.js	scope:	gte	version:	8.9.0	Trust: 1.0
vendor:	akamai	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	amazon	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	apache traffic server	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	apple	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	cloudflare	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	envoy	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	facebook	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	go programming language	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	litespeed	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	microsoft	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	netty	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	node js	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	synology	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	twisted	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	ubuntu	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	grpc	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	nghttp2	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	nginx	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	apache	model:	traffic server	scope:	-	version:	-	Trust: 0.8
vendor:	debian	model:	gnu/linux	scope:	-	version:	-	Trust: 0.8
vendor:	apple	model:	swiftnio	scope:	-	version:	-	Trust: 0.8

sources: CERT/CC: VU#605641 // JVNDB: JVNDB-2019-008112 // NVD: CVE-2019-9512

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-9512
value:	HIGH
Trust: 1.0
cret@cert.org:	CVE-2019-9512
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-9512
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201908-925
value:	HIGH
Trust: 0.6
VULHUB:	VHN-160947
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2019-9512
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-160947
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

cret@cert.org:	CVE-2019-9512
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2019-9512
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-160947 // CNNVD: CNNVD-201908-925 // JVNDB: JVNDB-2019-008112 // NVD: CVE-2019-9512 // NVD: CVE-2019-9512

PROBLEMTYPE DATA

problemtype:

CWE-400

Trust: 1.9

sources: VULHUB: VHN-160947 // JVNDB: JVNDB-2019-008112 // NVD: CVE-2019-9512

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201908-925

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201908-925

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-008112

PATCH

title:	DSA-4503	url:	https://www.debian.org/security/2019/dsa-4503	Trust: 0.8
title:	SwiftNIO	url:	https://github.com/apple/swift-nio	Trust: 0.8
title:	[ANNOUNCE] Apache Traffic Server is vulnerable to various HTTP/2 attacks (3921083)	url:	https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3Cusers.trafficserver.apache.org%3E	Trust: 0.8
title:	[ANNOUNCE] Apache Traffic Server is vulnerable to various HTTP/2 attacks (ad3d01e)	url:	https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E	Trust: 0.8
title:	[ANNOUNCE] Apache Traffic Server is vulnerable to various HTTP/2 attacks (bde5230)	url:	https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E	Trust: 0.8
title:	HTTP/2 Remedial measures to achieve security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=96610	Trust: 0.6

sources: CNNVD: CNNVD-201908-925 // JVNDB: JVNDB-2019-008112

EXTERNAL IDS

db:	NVD	id:	CVE-2019-9512	Trust: 3.5
db:	CERT/CC	id:	VU#605641	Trust: 3.3
db:	OPENWALL	id:	OSS-SECURITY/2019/08/20/1	Trust: 1.7
db:	MCAFEE	id:	SB10296	Trust: 1.7
db:	PACKETSTORM	id:	155705	Trust: 0.8
db:	JVN	id:	JVNVU93696206	Trust: 0.8
db:	JVN	id:	JVNVU98433488	Trust: 0.8
db:	JVNDB	id:	JVNDB-2019-008112	Trust: 0.8
db:	CNNVD	id:	CNNVD-201908-925	Trust: 0.7
db:	PACKETSTORM	id:	155396	Trust: 0.7
db:	PACKETSTORM	id:	156209	Trust: 0.7
db:	PACKETSTORM	id:	158651	Trust: 0.7
db:	PACKETSTORM	id:	157741	Trust: 0.7
db:	PACKETSTORM	id:	155352	Trust: 0.7
db:	PACKETSTORM	id:	155520	Trust: 0.7
db:	PACKETSTORM	id:	155484	Trust: 0.7
db:	PACKETSTORM	id:	156852	Trust: 0.7
db:	PACKETSTORM	id:	157214	Trust: 0.6
db:	PACKETSTORM	id:	156941	Trust: 0.6
db:	PACKETSTORM	id:	158095	Trust: 0.6
db:	PACKETSTORM	id:	156628	Trust: 0.6
db:	PACKETSTORM	id:	154135	Trust: 0.6
db:	PACKETSTORM	id:	155728	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.4238	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.4737	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.4332	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.4324	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1030	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.2619	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.4533	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.0643	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1766	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.3152	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1076	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.0994	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.3114	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.3597.2	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.0007	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.4645	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.4596	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.4586	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.0100	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.4788	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.2071	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.4697	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.4484	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1335	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1427	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.4368	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.4665	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.0832	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.3597.3	Trust: 0.6
db:	NSFOCUS	id:	43919	Trust: 0.6
db:	CS-HELP	id:	SB2022072128	Trust: 0.6
db:	ICS CERT	id:	ICSA-19-346-01	Trust: 0.6
db:	PACKETSTORM	id:	154444	Trust: 0.2
db:	PACKETSTORM	id:	154396	Trust: 0.2
db:	PACKETSTORM	id:	154525	Trust: 0.2
db:	PACKETSTORM	id:	154638	Trust: 0.2
db:	PACKETSTORM	id:	155024	Trust: 0.1
db:	PACKETSTORM	id:	154430	Trust: 0.1
db:	PACKETSTORM	id:	154888	Trust: 0.1
db:	PACKETSTORM	id:	158650	Trust: 0.1
db:	PACKETSTORM	id:	154222	Trust: 0.1
db:	PACKETSTORM	id:	154475	Trust: 0.1
db:	PACKETSTORM	id:	155037	Trust: 0.1
db:	PACKETSTORM	id:	154058	Trust: 0.1
db:	PACKETSTORM	id:	154425	Trust: 0.1
db:	VULHUB	id:	VHN-160947	Trust: 0.1

sources: CERT/CC: VU#605641 // VULHUB: VHN-160947 // PACKETSTORM: 154638 // PACKETSTORM: 154525 // PACKETSTORM: 157741 // PACKETSTORM: 155352 // PACKETSTORM: 154444 // PACKETSTORM: 154396 // PACKETSTORM: 155520 // PACKETSTORM: 155484 // PACKETSTORM: 155705 // PACKETSTORM: 156852 // CNNVD: CNNVD-201908-925 // JVNDB: JVNDB-2019-008112 // NVD: CVE-2019-9512

REFERENCES

url:	https://www.debian.org/security/2019/dsa-4503	Trust: 2.9
url:	https://github.com/netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md	Trust: 2.5
url:	https://www.synology.com/security/advisory/synology_sa_19_33	Trust: 2.5
url:	https://seclists.org/bugtraq/2019/aug/24	Trust: 2.5
url:	https://kb.cert.org/vuls/id/605641/	Trust: 2.5
url:	https://access.redhat.com/errata/rhsa-2019:3892	Trust: 2.4
url:	https://access.redhat.com/errata/rhsa-2019:4019	Trust: 2.4
url:	https://access.redhat.com/errata/rhsa-2019:4045	Trust: 2.4
url:	https://access.redhat.com/errata/rhsa-2019:4273	Trust: 2.4
url:	https://nvd.nist.gov/vuln/detail/cve-2019-9512	Trust: 2.4
url:	https://access.redhat.com/errata/rhsa-2019:4018	Trust: 2.3
url:	https://access.redhat.com/errata/rhsa-2019:4020	Trust: 2.3
url:	https://access.redhat.com/errata/rhsa-2019:4021	Trust: 2.3
url:	https://access.redhat.com/errata/rhsa-2019:4040	Trust: 2.3
url:	https://access.redhat.com/errata/rhsa-2019:4041	Trust: 2.3
url:	https://access.redhat.com/errata/rhsa-2019:4042	Trust: 2.3
url:	https://access.redhat.com/errata/rhsa-2019:4269	Trust: 2.3
url:	https://access.redhat.com/errata/rhsa-2019:4352	Trust: 2.3
url:	https://access.redhat.com/errata/rhsa-2019:2661	Trust: 1.8
url:	https://access.redhat.com/errata/rhsa-2019:2682	Trust: 1.8
url:	https://access.redhat.com/errata/rhsa-2019:2796	Trust: 1.8
url:	https://access.redhat.com/errata/rhsa-2019:2861	Trust: 1.8
url:	https://seclists.org/bugtraq/2019/aug/31	Trust: 1.7
url:	https://seclists.org/bugtraq/2019/aug/43	Trust: 1.7
url:	https://seclists.org/bugtraq/2019/sep/18	Trust: 1.7
url:	https://security.netapp.com/advisory/ntap-20190823-0001/	Trust: 1.7
url:	https://security.netapp.com/advisory/ntap-20190823-0004/	Trust: 1.7
url:	https://security.netapp.com/advisory/ntap-20190823-0005/	Trust: 1.7
url:	https://support.f5.com/csp/article/k98053339	Trust: 1.7
url:	https://www.debian.org/security/2019/dsa-4508	Trust: 1.7
url:	https://www.debian.org/security/2019/dsa-4520	Trust: 1.7
url:	http://seclists.org/fulldisclosure/2019/aug/16	Trust: 1.7
url:	https://lists.debian.org/debian-lts-announce/2020/12/msg00011.html	Trust: 1.7
url:	http://www.openwall.com/lists/oss-security/2019/08/20/1	Trust: 1.7
url:	https://access.redhat.com/errata/rhsa-2019:2594	Trust: 1.7
url:	https://access.redhat.com/errata/rhsa-2019:2690	Trust: 1.7
url:	https://access.redhat.com/errata/rhsa-2019:2726	Trust: 1.7
url:	https://access.redhat.com/errata/rhsa-2019:2766	Trust: 1.7
url:	https://access.redhat.com/errata/rhsa-2019:2769	Trust: 1.7
url:	https://access.redhat.com/errata/rhsa-2019:2925	Trust: 1.7
url:	https://access.redhat.com/errata/rhsa-2019:2939	Trust: 1.7
url:	https://access.redhat.com/errata/rhsa-2019:2955	Trust: 1.7
url:	https://access.redhat.com/errata/rhsa-2019:2966	Trust: 1.7
url:	https://access.redhat.com/errata/rhsa-2019:3131	Trust: 1.7
url:	https://access.redhat.com/errata/rhsa-2019:3245	Trust: 1.7
url:	https://access.redhat.com/errata/rhsa-2019:3265	Trust: 1.7
url:	https://access.redhat.com/errata/rhsa-2019:3906	Trust: 1.7
url:	https://access.redhat.com/errata/rhsa-2020:0406	Trust: 1.7
url:	https://access.redhat.com/errata/rhsa-2020:0727	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html	Trust: 1.7
url:	https://usn.ubuntu.com/4308-1/	Trust: 1.7
url:	https://blogs.akamai.com/sitr/2019/08/http2-vulnerabilities.html	Trust: 1.6
url:	https://kc.mcafee.com/corporate/index?page=content&id=sb10296	Trust: 1.6
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9512	Trust: 1.4
url:	https://www.redhat.com/mailman/listinfo/rhsa-announce	Trust: 1.0
url:	https://access.redhat.com/security/cve/cve-2019-9514	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2019-9514	Trust: 1.0
url:	https://bugzilla.redhat.com/):	Trust: 1.0
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 1.0
url:	https://access.redhat.com/security/team/contact/	Trust: 1.0
url:	https://access.redhat.com/security/cve/cve-2019-9512	Trust: 1.0
url:	https://support.f5.com/csp/article/k98053339?utm_source=f5support&amp%3butm_medium=rss	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4zqghe3wtylyayjeidjvf2figqtaypmc/	Trust: 1.0
url:	https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19%40%3cannounce.trafficserver.apache.org%3e	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4bbp27pzgsy6op6d26e5fw4gzkbfhnu7/	Trust: 1.0
url:	https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04%40%3cusers.trafficserver.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7%40%3cdev.trafficserver.apache.org%3e	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/cmnfx5mnyrwwimo4btkyqcgudmho3axp/	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/lyo6e3h34c346d2e443glxk7ok6kiyiq/	Trust: 1.0
url:	https://vuls.cert.org/confluence/pages/viewpage.action?pageid=56393752	Trust: 0.8
url:	https://tools.ietf.org/html/rfc7540	Trust: 0.8
url:	https://tools.ietf.org/html/rfc7541	Trust: 0.8
url:	https://blog.cloudflare.com/on-the-recent-http-2-dos-attacks/	Trust: 0.8
url:	https://blog.litespeedtech.com/2019/08/15/litespeed-addresses-http-2-dos-advisories/	Trust: 0.8
url:	https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-9511https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-9512https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-9513https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-9514https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-9518	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu98433488/	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu93696206/	Trust: 0.8
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/lyo6e3h34c346d2e443glxk7ok6kiyiq/	Trust: 0.7
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/cmnfx5mnyrwwimo4btkyqcgudmho3axp/	Trust: 0.7
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4bbp27pzgsy6op6d26e5fw4gzkbfhnu7/	Trust: 0.7
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4zqghe3wtylyayjeidjvf2figqtaypmc/	Trust: 0.7
url:	https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3cannounce.trafficserver.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3cdev.trafficserver.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3cusers.trafficserver.apache.org%3e	Trust: 0.7
url:	https://access.redhat.com/security/cve/cve-2019-9515	Trust: 0.7
url:	https://nvd.nist.gov/vuln/detail/cve-2019-9515	Trust: 0.6
url:	http2-cves/	Trust: 0.6
url:	https://www.cloudfoundry.org/blog/various-	Trust: 0.6
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9518	Trust: 0.6
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9517	Trust: 0.6
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9516	Trust: 0.6
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9515	Trust: 0.6
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9514	Trust: 0.6
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9513	Trust: 0.6
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9511	Trust: 0.6
url:	https://support.f5.com/csp/article/k98053339?utm_source=f5support&utm_medium=rss	Trust: 0.6
url:	https://support.apple.com/en-au/ht210436	Trust: 0.6
url:	https://support.f5.com/csp/article/k50233772	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/1126605	Trust: 0.6
url:	https://www.suse.com/support/update/announcement/2019/suse-su-201914246-1.html	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/1104951	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2019:3905	Trust: 0.6
url:	https://www.us-cert.gov/ics/advisories/icsa-19-346-01	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/1109787	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/1109781	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/1108515	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/1109775	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/1165894	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/1165906	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/1135167	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/1164346	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/1164364	Trust: 0.6
url:	https://www.suse.com/support/update/announcement/2020/suse-su-20200059-1.html	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-dependent-libraries-affect-ibm-db2-leading-to-denial-of-service-or-privilege-escalation/	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/1128387	Trust: 0.6
url:	https://packetstormsecurity.com/files/157214/red-hat-security-advisory-2020-1445-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.4368/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.4788/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.4586/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.0994/	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-node-js-affect-ibm-spectrum-protect-plus-cve-2019-15606-cve-2019-15604-cve-2019-15605-cve-2019-9511-cve-2019-9516-cve-2019-9512-cve-2019-9517-cve-2019-951/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.4332/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.0643/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.4484/	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-have-been-identified-in-db2-that-affect-the-ibm-performance-management-product/	Trust: 0.6
url:	http2-implementation-vulnerablility/	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-websphere-liberty-susceptible-to-	Trust: 0.6
url:	https://packetstormsecurity.com/files/155728/red-hat-security-advisory-2019-4352-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.2619/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.3114/	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-kubernetes-affect-ibm-infosphere-information-server/	Trust: 0.6
url:	https://portal.msrc.microsoft.com/zh-cn/security-guidance/advisory/cve-2019-9512	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-websphere-application-server-liberty-affect-ibm-spectrum-protect-operations-center-and-client-management-service/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1335/	Trust: 0.6
url:	https://packetstormsecurity.com/files/157741/red-hat-security-advisory-2020-2067-01.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/156209/red-hat-security-advisory-2020-0406-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.3597.3/	Trust: 0.6
url:	https://packetstormsecurity.com/files/158095/red-hat-security-advisory-2020-2565-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.4737/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.0832/	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/1137466	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/43919	Trust: 0.6
url:	https://vigilance.fr/vulnerability/http-2-multiple-vulnerabilities-30040	Trust: 0.6
url:	https://packetstormsecurity.com/files/155484/red-hat-security-advisory-2019-4019-01.html	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-netty-affect-ibm-operations-analytics-predictive-insights-cve-2019-9514-cve-2019-9512-cve-2019-9518-cve-2019-9515/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1076/	Trust: 0.6
url:	https://packetstormsecurity.com/files/156628/red-hat-security-advisory-2020-0727-01.html	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-dependent-libraries-affect-ibm-db2-leading-to-denial-of-service-or-privilege-escalation-3/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.2071/	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/1127397	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1427/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.4645/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.3597.2/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.4665/	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-ibm-watson-discovery-for-ibm-cloud-pak-for-data-affected-by-vulnerability-in-netty/	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-netty-affect-ibm-netcool-agile-service-manager/	Trust: 0.6
url:	https://pivotal.io/security/cve-2019-9517	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.4697/	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-warehouse-has-released-a-fix-in-response-to-multiple-vulnerabilities-found-in-ibm-db2/	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-ibm-cloud-transformation-advisor-is-affected-by-vulnerabilities-in-websphere-application-server-liberty-cve-2019-9515-cve-2019-9518-cve-2019-9517-cve-2019-9512-cve-2019-9514-c/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.4596/	Trust: 0.6
url:	https://support.apple.com/en-us/ht210436	Trust: 0.6
url:	https://packetstormsecurity.com/files/155520/red-hat-security-advisory-2019-4045-01.html	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-ibm-db2-and-ibm-java-runtime-affect-ibm-spectrum-protect-server/	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-in-ibm-websphere-application-server-affect-ibm-sterling-b2b-integrator/	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/1128279	Trust: 0.6
url:	https://packetstormsecurity.com/files/156852/red-hat-security-advisory-2020-0922-01.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/156941/red-hat-security-advisory-2020-0983-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1766/	Trust: 0.6
url:	https://packetstormsecurity.com/files/154135/debian-security-advisory-4503-1.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022072128	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.3152/	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-dependent-libraries-affect-ibm-db2-leading-to-denial-of-service-or-privilege-escalation-2/	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-ibm-infosphere-information-server-is-affected-by-multiple-vulnerabilities-in-websphere-application-server-liberty/	Trust: 0.6
url:	https://packetstormsecurity.com/files/158651/red-hat-security-advisory-2020-3197-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.4324/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.4533/	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/1150960	Trust: 0.6
url:	https://packetstormsecurity.com/files/155396/red-hat-security-advisory-2019-3906-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.0100/	Trust: 0.6
url:	https://packetstormsecurity.com/files/155705/red-hat-security-advisory-2019-4273-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.0007/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.4238/	Trust: 0.6
url:	https://packetstormsecurity.com/files/155352/red-hat-security-advisory-2019-3892-01.html	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/1165852	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1030/	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/1127853	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/1168528	Trust: 0.6
url:	https://access.redhat.com/security/team/key/	Trust: 0.5
url:	https://access.redhat.com/articles/11258	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2019-14838	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2019-9511	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2019-9511	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2019-14838	Trust: 0.3
url:	https://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-rel	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-7238	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-9518	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-16869	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-16869	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-9518	Trust: 0.2
url:	https://issues.jboss.org/):	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-14843	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-14843	Trust: 0.2
url:	https://kc.mcafee.com/corporate/index?page=content&id=sb10296	Trust: 0.1
url:	https://support.f5.com/csp/article/k98053339?utm_source=f5support&amp;utm_medium=rss	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-16335	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-11112	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-3875	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-11113	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-10968	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-14832	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-9546	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-16943	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-10672	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-10201	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_build_of_thorntail/2.5/html/release_notes_for_thorntail_2.5/	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-11619	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2020:2067	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-3875	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-20330	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-12406	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-12400	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-0210	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-0205	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-20330	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-12419	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-10673	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-17531	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-16335	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-0210	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-10086	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-10219	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-14832	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17531	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-14540	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17267	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-10199	Trust: 0.1
url:	https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions&product=catrhoar.thorntail&version=2.5.1	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-16942	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-12406	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-14887	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-14892	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-10201	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-9548	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-1729	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-16943	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-10969	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-11620	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-12419	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-17267	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-0205	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-14893	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-11111	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-10199	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-9547	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-16942	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-14893	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-14888	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-12400	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-14892	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-10219	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-10086	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-14887	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-14540	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-14820	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-8840	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-14820	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-14888	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-11796	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-0204	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-15095	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-19360	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-8034	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-14720	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-14718	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-10173	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-14718	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-19361	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-14719	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-14719	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-12022	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-14720	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-1000850	Trust: 0.1
url:	https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions&product=jboss.fuse&version=7.5.0	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-10173	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-1000850	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-0201	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-12023	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-17485	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-8009	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-8034	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-19360	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-11775	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-11796	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-19362	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-1131	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-1131	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-19362	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-0204	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-12023	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-14721	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-12022	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-11775	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-11307	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-14721	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-14860	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-0201	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2017-17485	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2017-15095	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-8009	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-11307	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-14860	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-19361	Trust: 0.1
url:	https://docs.openshift.com/container-platform/4.1/updating/updating-cluster	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/	Trust: 0.1
url:	https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=core.service.rhsso&downloadtype=securitypatches&version=7.3	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-14837	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-14837	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-0222	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_amq/7.6/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-9517	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-20444	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-10247	Trust: 0.1
url:	https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions&product=jboss.amq.broker&version=7.6.0&productchanged=yes	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-9517	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-20445	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-9516	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-20444	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-0222	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-7238	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2020:0922	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-10241	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-10247	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-9516	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-10241	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-20445	Trust: 0.1

CREDITS

Red Hat

Trust: 1.0

sources: PACKETSTORM: 154638 // PACKETSTORM: 154525 // PACKETSTORM: 157741 // PACKETSTORM: 155352 // PACKETSTORM: 154444 // PACKETSTORM: 154396 // PACKETSTORM: 155520 // PACKETSTORM: 155484 // PACKETSTORM: 155705 // PACKETSTORM: 156852

SOURCES

db:	CERT/CC	id:	VU#605641
db:	VULHUB	id:	VHN-160947
db:	PACKETSTORM	id:	154638
db:	PACKETSTORM	id:	154525
db:	PACKETSTORM	id:	157741
db:	PACKETSTORM	id:	155352
db:	PACKETSTORM	id:	154444
db:	PACKETSTORM	id:	154396
db:	PACKETSTORM	id:	155520
db:	PACKETSTORM	id:	155484
db:	PACKETSTORM	id:	155705
db:	PACKETSTORM	id:	156852
db:	CNNVD	id:	CNNVD-201908-925
db:	JVNDB	id:	JVNDB-2019-008112
db:	NVD	id:	CVE-2019-9512

LAST UPDATE DATE

2025-09-28T21:12:45.018000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#605641	date:	2019-11-19T00:00:00
db:	VULHUB	id:	VHN-160947	date:	2019-08-23T00:00:00
db:	CNNVD	id:	CNNVD-201908-925	date:	2022-07-22T00:00:00
db:	JVNDB	id:	JVNDB-2019-008112	date:	2019-08-26T00:00:00
db:	NVD	id:	CVE-2019-9512	date:	2024-11-21T04:51:46.193

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#605641	date:	2019-08-13T00:00:00
db:	VULHUB	id:	VHN-160947	date:	2019-08-13T00:00:00
db:	PACKETSTORM	id:	154638	date:	2019-09-27T13:02:22
db:	PACKETSTORM	id:	154525	date:	2019-09-19T16:25:47
db:	PACKETSTORM	id:	157741	date:	2020-05-18T16:42:53
db:	PACKETSTORM	id:	155352	date:	2019-11-15T16:16:10
db:	PACKETSTORM	id:	154444	date:	2019-09-11T13:57:29
db:	PACKETSTORM	id:	154396	date:	2019-09-09T23:02:04
db:	PACKETSTORM	id:	155520	date:	2019-12-02T19:20:27
db:	PACKETSTORM	id:	155484	date:	2019-11-27T15:43:14
db:	PACKETSTORM	id:	155705	date:	2019-12-17T15:43:02
db:	PACKETSTORM	id:	156852	date:	2020-03-23T15:57:42
db:	CNNVD	id:	CNNVD-201908-925	date:	2019-08-13T00:00:00
db:	JVNDB	id:	JVNDB-2019-008112	date:	2019-08-26T00:00:00
db:	NVD	id:	CVE-2019-9512	date:	2019-08-13T21:15:12.287