PR3MIUM
Senior Member
Newly discovered HTTP/2 protocol vulnerabilities called "CONTINUATION Flood" can lead to denial of service (DoS) attacks, crashing web servers with a single TCP connection in some implementations.
Source:
New HTTP/2 DoS attack can crash web servers with a single connection
Newly discovered HTTP/2 protocol vulnerabilities called "CONTINUATION Flood" can lead to denial of service (DoS) attacks, crashing web servers with a single TCP connection in some implementations.
www.bleepingcomputer.com
CERT/CC Vulnerability Note VU#421644
HTTP/2 CONTINUATION frames can be utilized for DoS attacks
kb.cert.org