Description
In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left to process good requests.
Remediation
References
Related Vulnerabilities
e107 Other Vulnerability (CVE-2005-1966)
Adobe Coldfusion 8 multiple linked XSS vulnerabilies
WordPress Plugin YITH Maintenance Mode Multiple Cross-Site Scripting Vulnerabilities (1.3.8)
Oracle JRE CVE-2013-5838 Vulnerability (CVE-2013-5838)
WordPress Plugin Contact Form 7 Redirect & Thank You Page Cross-Site Request Forgery (1.0.3)