2 matches found
RUSTSEC-2024-0332 Degradation of service in h2 servers with CONTINUATION Flood
An attacker can send a flood of CONTINUATION frames, causing h2 to process them indefinitely. This results in an increase in CPU usage. Tokio task budget helps prevent this from a complete denial-of-service, as the server can still respond to legitimate requests, albeit with increased latency. Mo...
CVE-2024-23323
A flaw was found in the Envoy proxy. The regex expression is compiled for every request and can result in high CPU usage and increased request latency when multiple routes are configured with such matchers...