jschauma, 2 months ago to random This new HTTP/2 DoS vulnerability (CONTINUATION Flood) was just disclosed after several weeks of well coordinated disclosure across all the major HTTP implementations yielding multiple CVEs: https://www.kb.cert.org/vuls/id/421644 Detailed write-up by Bartek Nowotarski, who discovered the issue: https://nowotarski.info/http2-continuation-flood-technical-details/ #http2 #VU421644
This new HTTP/2 DoS vulnerability (CONTINUATION Flood) was just disclosed after several weeks of well coordinated disclosure across all the major HTTP implementations yielding multiple CVEs:
https://www.kb.cert.org/vuls/id/421644
Detailed write-up by Bartek Nowotarski, who discovered the issue: https://nowotarski.info/http2-continuation-flood-technical-details/
#http2 #VU421644