HTTP/2 Server 安全漏洞

admin

0
文章

0
评论

2022-10-10 06:17:50 CNNVD漏洞来源：ZONE.CI 全球网 0 阅读模式

漏洞信息详情

HTTP/2 Server 安全漏洞

CNNVD编号：CNNVD-201908-935
危害等级：高危
CVE编号： CVE-2019-9513
漏洞类型：其他
发布时间： 2019-08-13
威胁类型：远程
更新时间： 2022-03-10
厂商：
漏洞来源： Red Hat

漏洞简介

HTTP/2是超文本传输协议的第二版，主要用于保证客户机与服务器之间的通信。

HTTP/2中存在安全漏洞。攻击者可利用该漏洞导致拒绝服务。

漏洞公告

目前厂商已发布升级补丁以修复漏洞，详情请关注厂商主页：

https://http2.github.io/

参考网址

来源:DEBIAN

链接:https://www.debian.org/security/2019/dsa-4511

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/TAZZEVTCN2B4WT6AIBJ7XGYJMBTORJU5/

来源:CONFIRM

链接:https://kc.mcafee.com/corporate/index?page=content&id=SB10296

来源:DEBIAN

链接:https://www.debian.org/security/2020/dsa-4669

来源:UBUNTU

链接:https://usn.ubuntu.com/4099-1/

来源:CONFIRM

链接:https://www.synology.com/security/advisory/Synology_SA_19_33

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC/

来源:SUSE

链接:http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00014.HTML

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2019:2939

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2019:2955

来源:BUGTRAQ

链接:https://seclists.org/bugtraq/2019/Aug/40

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2019:2775

来源:BUGTRAQ

链接:https://seclists.org/bugtraq/2019/Sep/1

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/JUBYAF6ED3O4XCHQ5C2HYENJLXYXZC4M/

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2019:2799

来源:MISC

链接:https://www.oracle.com/security-alerts/cpuoct2020.HTML

来源:MISC

链接:https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md

来源:CONFIRM

链接:https://security.netapp.com/advisory/ntap-20190823-0002/

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/POPAEC4FWL4UU4LDEGPY5NPALU24FFQD/

来源:CONFIRM

链接:https://support.f5.com/csp/article/K02591030?utm_source=f5support&utm_medium=RSS

来源:SUSE

链接:http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00005.HTML

来源:SUSE

链接:http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.HTML

来源:kb.cert.org

链接:https://kb.cert.org/vuls/id/605641/

来源:SUSE

链接:http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.HTML

来源:SUSE

链接:http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00035.HTML

来源:DEBIAN

链接:https://www.debian.org/security/2019/dsa-4505

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2019:2949

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP/

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2019:2746

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2019:2966

来源:MISC

链接:https://www.oracle.com/security-alerts/cpujan2021.HTML

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2019:3935

来源:CONFIRM

链接:https://security.netapp.com/advisory/ntap-20190823-0005/

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2019:2925

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2019:3932

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2019:2745

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2019:3933

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2019:2692

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/LZLUYPYY3RX4ZJDWZRJIKSULYRJ4PXW7/

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2019:3041

来源:http2-cves

链接:http2-cves/

来源:www.cloudfoundry.org

链接:https://www.cloudfoundry.org/blog/various-

来源:cve.mitre.org

链接:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518

来源:cve.mitre.org

链接:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517

来源:cve.mitre.org

链接:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516

来源:cve.mitre.org

链接:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515

来源:cve.mitre.org

链接:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514

来源:cve.mitre.org

链接:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513

来源:cve.mitre.org

链接:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512

来源:cve.mitre.org

链接:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511

来源:SUSE

链接:http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00003.HTML

来源:usn.ubuntu.com

链接:https://usn.ubuntu.com/4099-1/

来源:mailman.nginx.org

链接:http://mailman.nginx.org/pipermail/nginx-announce/2019/000249.HTML

来源:access.redhat.com

链接:https://access.redhat.com/errata/RHSA-2019:3935

来源:access.redhat.com

链接:https://access.redhat.com/errata/RHSA-2019:3933

来源:access.redhat.com

链接:https://access.redhat.com/errata/RHSA-2019:3932

来源:www.debian.org

链接:https://www.debian.org/security/2019/dsa-4511

来源:security.business.xerox.com

链接:https://security.business.xerox.com/wp-content/uploads/2019/11/cert_XRX19-029_FFPSv2_Win10_SecurityBulletin_Nov2019.pdf

来源:www.suse.com

链接:https://www.suse.com/support/update/announcement/2019/suse-su-20192254-1.HTML

来源:support.f5.com

链接:https://support.f5.com/csp/article/K50233772

来源:www.ibm.com

链接:https://www.ibm.com/support/pages/node/1126605

来源:www.suse.com

链接:https://www.suse.com/support/update/announcement/2019/suse-su-201914246-1.HTML

来源:www.ibm.com

链接:https://www.ibm.com/support/pages/node/1104951

来源:www.us-cert.gov

链接:https://www.us-cert.gov/ics/advisories/icsa-19-346-01

来源:www.ibm.com

链接:https://www.ibm.com/support/pages/node/1165894

来源:www.ibm.com

链接:https://www.ibm.com/support/pages/node/1165906

来源:www.ibm.com

链接:https://www.ibm.com/support/pages/node/1135167

来源:www.ibm.com

链接:https://www.ibm.com/support/pages/node/1164346

来源:www.ibm.com

链接:https://www.ibm.com/support/pages/node/1164364

来源:www.suse.com

链接:https://www.suse.com/support/update/announcement/2020/suse-su-20200059-1.HTML

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.1544/

来源:nvd.nist.gov

链接:https://nvd.nist.gov/vuln/detail/CVE-2019-9513

来源:www.ibm.com

链接:https://www.ibm.com/support/pages/node/1127397

来源:www.ibm.com

链接:https://www.ibm.com/support/pages/node/1128387

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2019.4645/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2019.4403/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2019.3597.2/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2019.4665/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2019.4788/

来源:pivotal.io

链接:https://pivotal.io/security/cve-2019-9517

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-node-js-affect-ibm-spectrum-protect-plus-cve-2019-15606-cve-2019-15604-cve-2019-15605-cve-2019-9511-cve-2019-9516-cve-2019-9512-cve-2019-9517-cve-2019-951/

来源:http-2-cve-2019-9515-cve-2019-9518-cve-2019-9517-cve-2019-9514-cve-2019-9512-cve-2019

链接:http-2-cve-2019-9515-cve-2019-9518-cve-2019-9517-cve-2019-9514-cve-2019-9512-cve-2019/

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-console-and-rest-api-are-vulnerable-to-multiple-denial-of-service-attacks-within-

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-cloud-transformation-advisor-is-affected-by-vulnerabilities-in-websphere-application-server-liberty-cve-2019-9515-cve-2019-9518-cve-2019-9517-cve-2019-9512-cve-2019-9514-c/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2019.4596/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.0643/

来源:www.ibm.com

链接:https://www.ibm.com/support/pages/node/1143454

来源:http2-implementation-vulnerablility

链接:http2-implementation-vulnerablility/

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-websphere-liberty-susceptible-to-

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2019.3306/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2019.3116/

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-in-ibm-websphere-application-server-affect-ibm-sterling-b2b-integrator/

来源:portal.msrc.microsoft.com

链接:https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2019-9513

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-kubernetes-affect-ibm-infosphere-information-server/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2019.3299/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/156941/Red-Hat-Security-Advisory-2020-0983-01.HTML

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-websphere-application-server-liberty-affect-ibm-spectrum-protect-operations-center-and-client-management-service/

来源:http-2-implementation-used-by-watson-knowlEdge-catalog-for-ibm-cloud-pak-for-data

链接:http-2-implementation-used-by-watson-knowlEdge-catalog-for-ibm-cloud-pak-for-data/

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-infosphere-information-server-is-affected-by-multiple-vulnerabilities-in-websphere-application-server-liberty/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2019.3597.3/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/155414/Red-Hat-Security-Advisory-2019-3935-01.HTML

来源:www.ibm.com

链接:https://www.ibm.com/support/pages/node/1150960

来源:www.ibm.com

链接:https://www.ibm.com/support/pages/node/1137466

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2019.4343/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.0100/