Description
Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.
Remediation
References
Related Vulnerabilities
WordPress Plugin LifterLMS-WP LMS for eLearning, Online Courses, & Quizzes Security Bypass (3.34.5)
Internet Information Services Other Vulnerability (CVE-2001-0337)
WordPress Plugin VaultPress Remote Code Execution (1.9.0)
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1611)