Vault, Consul, and Boundary Affected By HTTP/2 “Rapid Reset” Denial of Service Vulnerability (CVE-2023-44487)
Summary A denial of service vulnerability was identified in many implementations of the HTTP/2 protocol CVE-2023-44487, including Go’s implementation CVE-2023-39325. This was addressed by updating vulnerable components for the affected HashiCorp products listed above. Background In October 2023, ...