New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks

New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks


New research has found that the CONTINUATION frame in the HTTP/2 protocol can be exploited to conduct denial-of-service (DoS) attacks.
The technique has been codenamed HTTP/2 CONTINUATION Flood by security researcher Bartek Nowotarski, who reported the issue to the CERT Coordination Center (CERT/CC) on January 25, 2024.
“Many HTTP/2 implementations do not properly limit or sanitize the

The post “New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks” appeared first on The Hacker News

Source:The Hacker News – [email protected] (The Hacker News)