CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations

CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations

Open Source Security 

Posted by Alan Coopersmith on Oct 10

[I’ve seen multiple news articles & blogs in the wake of the coordinated
disclosure today, but no postings here yet, so lets start fixing that.]

Google, Cloudflare, AWS, and others released details today of a protocol-level
issue in HTTP/2 being exploited in recent months for denial-of-service attacks:

https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack
 Read More 

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert