HTTP/2 `CONTINUATION` Flood nowotarski.info
05 квітня
· 2
·
0
What is the CONTINUATION Flood? It is a new class of vulnerabilities in multiple implementations of HTTP/2 protocol. The root cause is an incorrect handling of HEADERS and multiple CONTINUATION frames which ultimately leads to Denial of Service. The outcome depends on the implementation but ranges from instant crash after sending a couple of HTTP/2 frames, Out Of Memory crash, to CPU exhaustion affecting server availability. More technical details can be found in HTTP/2 CONTINUATION Flood: Technical Details post.
Коментарі (0)
Щоб залишити коментар необхідно авторизуватися.
Ще немає коментарів