High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-08-13	CVE-2019-9513	Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. network low complexity apple apache canonical debian fedoraproject synology opensuse redhat oracle mcafee f5 nodejs	7.5
2019-08-13	CVE-2019-9511	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. network low complexity apple apache canonical debian synology fedoraproject opensuse redhat oracle mcafee f5 nodejs CWE-770	7.5
2019-04-25	CVE-2019-9900	Injection vulnerability in multiple products When parsing HTTP/1.x header values, Envoy 1.9.0 and before does not reject embedded zero characters (NUL, ASCII 0x0). network low complexity envoyproxy redhat CWE-74	8.3