CVE-2023-44487 – Rapid Reset HTTP/2 attack

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-44487¬†was published on 10 October 2023. It outlines a vulnerability in the HTTP/2 protocol, which allows DDoS attacks on a massive scale. LiteSpeed Technologies made a … Read more