The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
HIGH Vulnerable Package issue exists @ org.apache.tomcat:tomcat-coyote in branch refs/heads/master
Description
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
HIGH Vulnerable Package issue exists @ org.apache.tomcat:tomcat-coyote in branch refs/heads/master
Vulnerability ID: CVE-2023-44487
Package Name: org.apache.tomcat:tomcat-coyote
Severity: HIGH
CVSS Score: 7.5
Publish Date: 2023-10-10T09:17:00
Current Package Version: 9.0.22
Remediation Upgrade Recommendation: 9.0.90
Link To SCA
Reference – NVD link