Description
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Remediation
References
Related Vulnerabilities
OpenSSL Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-4044)
Oracle Application Server CVE-2007-5517 Vulnerability (CVE-2007-5517)
Moodle Incorrect Authorization Vulnerability (CVE-2022-0333)
Oracle JRE CVE-2013-2416 Vulnerability (CVE-2013-2416)
WordPress Plugin A Page Flip Book 'pageflipbook_language' Parameter Local File Include (2.3)