Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.
- https://access.redhat.com/errata/RHSA-2020:0727
- https://kb.cert.org/vuls/id/605641/
- https://kc.mcafee.com/corporate/index?page=content&id=SB10296
- https://github.com/Metarget/cloud-native-security-book
- https://github.com/Metarget/metarget
- https://github.com/UCloudDoc-Team/uk8s
- https://github.com/UCloudDocs/uk8s
- https://github.com/alphaSeclab/sec-daily-2019
- https://github.com/tbc957/k8s