HTTP/2 CONTINUATION Flood

Pierluigi Paganini April 05, 2024
HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks

HTTP/2 CONTINUATION Flood: Researchers warn of a new HTTP/2 vulnerability that can be exploited to conduct powerful denial-of-service (DoS) attacks. HTTP messages can contain named fields in both header and trailer sections. CERT/CC experts explained that both header and trailer fields are serialized as field blocks in HTTP/2 to transmit them in multiple fragments to […]