GHSA-xpw8-rcwv-8f8p
ADVISORY - githubSummary
A client might overload the server by issue frequent RST frames. This can cause a massive amount of load on the remote system and so cause a DDOS attack.
Impact
This is a DDOS attack, any http2 server is affected and so you should update as soon as possible.
Patches
This is patched in version 4.1.100.Final.
Workarounds
A user can limit the amount of RST frames that are accepted per connection over a timeframe manually using either an own Http2FrameListener
implementation or an ChannelInboundHandler
implementation (depending which http2 API is used).
References
Common Weakness Enumeration (CWE)
ADVISORY - github
Uncontrolled Resource Consumption
ADVISORY - gitlab
Sign in to Docker Scout
See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.
Sign in