New Critical HTTP/2 Vulnerability Exposes Major Web Servers to DoS Attacks
Cybersecurity researchers have uncovered a critical denial-of-service (DoS) exploit, named "HTTP/2 Bomb," affecting widely used web servers like NGINX, Apache, IIS, Envoy, and Cloudflare Pingora. This vulnerability leverages HTTP/2's header compression to overwhelm server resources with minimal data. Patches are available for some affected servers, with recommendations to disable HTTP/2 if immediate upgrades are not possible.
Want more?
Open NewsSnap.ai for the full app experience, including audio, personalization, and more news tools.