THE article discusses a newly discovered vulnerability, termed the HTTP/2 bomb, which enables remote denial-of-service (DoS) attacks on popular web servers including NGINX, Apache, IIS, Envoy, and Cloudflare. This vulnerability can potentially disrupt web services by overwhelming servers with excessive requests. The author emphasizes the importance of prompt security updates to mitigate the risk associated with this vulnerability and highlights the critical nature of robust server security practices.
New HTTP/2 Bomb Flaw Lets Attackers Crash Major Web Servers
CyberSIXT Evidence Panel
Source marked as original reporting
Article by CyberSIXT
Timeline Coverage
Swipe to explore timeline
-
New HTTP/2 Bomb Exploit Disables Thousands of Web Servers
securityweek.com
-
New HTTP/2 Bomb Flaw Lets Attackers Crash Major Web Servers
thehackernews.com
-
HTTP/2 Bomb threatens 880k servers with memory draining DoS
securityonline.info