Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Apache HTTP Server Resource Management Errors Vulnerability - CVE-2016-8740 - Vulnerability Database
Apache HTTP Server

Apache HTTP Server Resource Management Errors Vulnerability - CVE-2016-8740

High
Reference: CVE-2016-8740
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2016-8740
Title: Apache HTTP Server Resource Management Errors Vulnerability
Overview:

The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23 when the Protocols configuration includes h2 or h2c does not restrict request-header length which allows remote attackers to cause a denial of service (memory consumption) via crafted CONTINUATION frames in an HTTP/2 request.