New HTTP/2 DoS attack can crash web servers with a single connection
April 4, 2024 at 11:30AM Newly discovered HTTP/2 protocol vulnerabilities, “CONTINUATION Flood,” can lead to denial of service (DoS) attacks, crashing web servers with a single TCP connection in some implementations. Discovered by researcher Barket Nowotarski, these vulnerabilities relate to the use of HTTP/2 CONTINUATION frames, not properly limited or checked, potentially causing memory outages, … Read more