Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Apache HTTP Server Vulnerability - CVE-2018-11763 - Vulnerability Database
Apache HTTP Server

Apache HTTP Server Vulnerability - CVE-2018-11763

Medium
Reference: CVE-2018-11763
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2018-11763
Title: Apache HTTP Server Vulnerability
Overview:

In Apache HTTP Server 2.4.17 to 2.4.34 by sending continuous large SETTINGS frames a client can occupy a connection server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol.