Lucene search
Redhat.comRH:CVE-2024-2653HistoryApr 03, 2024 - 7:26 p.m.
CVE-2024-2653
2024-04-0319:26:54
redhat.com
access.redhat.com
13
amphp
vulnerability
http/2
remote attacker
denial of service
A vulnerability was found in how amphp implements the HTTP/2 protocol. There are insufficient limitations placed on the amount of CONTINUATION frames that can be sent within a single stream. This issue could allow an unauthenticated remote attacker to send packets to vulnerable servers, which could use up compute or memory resources to cause a Denial of Service.
Mitigation
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.
Related
nvd
nvd
CVE-2024-2653
2024-04-03 18:15:07
osv
osv
AMPHP Denial of Service via HTTP/2 CONTINUATION Frames
2024-04-03 18:06:45
cvelist
cvelist
CVE-2024-2653 CVE-2024-2653
2024-04-03 17:18:29
veracode
veracode
Denial Of Service (DoS)
2024-04-04 05:00:45
friendsofphp
friendsofphp
Denial of Service via HTTP/2 CONTINUATION Frames
1970-01-01 00:00:00
Denial of Service via HTTP/2 CONTINUATION Frames
1970-01-01 00:00:00
gitlab
gitlab
AMPHP Denial of Service via HTTP/2 CONTINUATION Frames
2024-04-03 00:00:00
AMPHP Denial of Service via HTTP/2 CONTINUATION Frames
2024-04-03 00:00:00
f5
f5
K000139227 : amphp/http vulnerability CVE-2024-2653
2024-04-09 00:00:00
cve
cve
CVE-2024-2653
2024-04-03 18:15:07
github
github
AMPHP Denial of Service via HTTP/2 CONTINUATION Frames
2024-04-03 18:06:45
arista
arista
Security Advisory 0094
2024-04-05 00:00:00
thn
thn
New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks
2024-04-04 11:15:00
cert
cert
HTTP/2 CONTINUATION frames can be utilized for DoS attacks
2024-04-03 00:00:00