CVE-2019-9516: 0-length HEADERS memory leak

High

Lukasa published GHSA-9cqv-v2w2-7j52 Aug 13, 2019 · 1 comment

Package

swift-nio-http2 (Swift)

Affected versions

>=1.0.0,<1.5.0

Patched versions

1.5.0

Description

Impact

Denial of service attack on HTTP/2 servers.

Patches

Available in 1.5.0.

Workarounds

There is no meaningful workaround without upgrading.