Description
Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.10, and 8.0.0 to 8.0.7 is vulnerable to certain types of HTTP/2 HEADERS frames that can cause the server to allocate a large amount of memory and spin the thread.
Remediation
References
Related Vulnerabilities
WordPress Plugin Featured Video Plus Unspecified Vulnerability (2.2.3)
WordPress Plugin Gift Certificate Creator Cross-Site Scripting (1.0.0)
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-4298)
OpenSSL Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-4044)