Original Post: HTTP/2 CONTINUATION Flood Vulnerability
HTTP/2 is a web communication protocol that divides data transmission into smaller messages called frames. HEADERS frames are used to transmit HTTP headers and can be marked with flags like END_HEADERS and END_STREAM. A recent vulnerability, known as HTTP/2 CONTINUATION Flood, leverages the CONTINUATION frame to create an infinite stream of headers that can lead to denial-of-service attacks. Imperva’s Cloud WAF includes security mechanisms to prevent such attacks and offers additional protection for HTTP/2 connections. Imperva Threat Research is monitoring for new developments related to this vulnerability.
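The check a server or proxy needs against this pattern is a cap on how large a single header block may grow before END_HEADERS arrives. The following is an added sketch of that check, not code from Imperva or from the original post; the function names, both thresholds and the sample byte strings are assumptions made for illustration.

```python
HEADERS, CONTINUATION = 0x1, 0x9   # frame types (RFC 9113)
END_HEADERS = 0x4                  # flag that closes a header block

def frame(ftype, flags, stream_id, payload=b""):
    """Serialize one frame: 24-bit length, type, flags, 31-bit stream id, payload."""
    return (len(payload).to_bytes(3, "big") + bytes([ftype, flags])
            + stream_id.to_bytes(4, "big") + payload)

def parse_frames(data):
    """Yield (type, flags, stream_id, payload) for each complete frame in data."""
    pos = 0
    while pos + 9 <= len(data):
        length = int.from_bytes(data[pos:pos + 3], "big")
        if pos + 9 + length > len(data):
            break                                  # truncated frame, stop parsing
        ftype, flags = data[pos + 3], data[pos + 4]
        sid = int.from_bytes(data[pos + 5:pos + 9], "big") & 0x7FFFFFFF
        yield ftype, flags, sid, data[pos + 9:pos + 9 + length]
        pos += 9 + length

def check_header_blocks(data, max_block_bytes=16384, max_continuations=8):
    """Return (stream_id, reason) findings; both limits are assumed values."""
    findings = []
    open_sid, size, count = None, 0, 0             # header block in progress
    for ftype, flags, sid, payload in parse_frames(data):
        if open_sid is None:
            if ftype != HEADERS:
                continue                           # other frame types not tracked
            # Raw payload length (padding included) over-approximates the block.
            open_sid, size, count = sid, len(payload), 0
        elif ftype == CONTINUATION and sid == open_sid:
            size += len(payload)
            count += 1
        else:                                      # only CONTINUATION may follow
            findings.append((open_sid, "header block interrupted"))
            open_sid = None
            continue
        if size > max_block_bytes or count > max_continuations:
            findings.append((open_sid, f"limit exceeded: {size} bytes, "
                                       f"{count} CONTINUATION frames"))
            open_sid = None                        # a server would drop the connection
        elif flags & END_HEADERS:
            open_sid = None                        # block finished within limits
    if open_sid is not None:
        findings.append((open_sid, "header block never ended"))
    return findings

# Constructed samples: a two-frame header block, and one that never sets END_HEADERS.
BENIGN = frame(HEADERS, 0, 1, b"a" * 10) + frame(CONTINUATION, END_HEADERS, 1, b"b" * 10)
FLOOD = frame(HEADERS, 0, 1, b"a" * 10) + frame(CONTINUATION, 0, 1, b"x" * 100) * 20
```

The limit is applied while frames are still arriving, so the block is rejected before its contents are buffered or decoded in full.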