Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HApache Traffic Server
APPApache6.0.0 – 6.2.37.0.0 – 7.1.68.0.0 – 8.0.3Apple Mac Os X
OSApple≥ 10.12Apple Swiftnio
APPApple1.0.0 – 1.4.0Canonical Ubuntu
OSCanonical16.0418.0419.04≥ 14.04Debian
OSDebian10.09.0F5 nginx
APPF51.9.5 – 1.16.1 (bez)1.17.0 – 1.17.2Fedora Project Fedora
OSFedoraproject2930Mcafee Web Gateway
APPMcafee7.8.2.0 – 7.8.2.13 (bez)8.1.0 – 8.2.0 (bez)7.7.2.0 – 7.7.2.24 (bez)Node.js
APPNodejs12.0.0 – 12.8.1 (bez)8.0.0 – 8.8.18.9.0 – 8.16.1 (bez)10.0.0 – 10.12.010.13.0 – 10.16.3 (bez)Opensuse Leap
OSOpensuse15.015.1Oracle Enterprise Communications Broker
APPOracle3.1.03.2.0Oracle Graalvm
APPOracle19.2.0Red Hat Enterprise Linux
OSRedhat8.0Red Hat Jboss Core Services
APPRedhat1.0Red Hat Jboss Enterprise Application Platform
APPRedhat7.2.07.3.0Red Hat Openshift Service Mesh
APPRedhat1.0Red Hat Quay
APPRedhat3.0.0Red Hat Software Collections
APPRedhat1.0Synology Diskstation Manager
OSSynology6.2Synology Skynas
APPSynologywszystkie wersjeSynology Vs960hd
HWSynologywszystkie wersjeSynology Vs960hd Firmware
OSSynologywszystkie wersje
Related vulnerabilities
GNU Inetutils telnetd: ominięcie uwierzytelnienia przez zmienną USER
Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)
RCE przez deserializację PHP w Roundcube Webmail (parametr _from)
Erlang/OTP SSH — nieuwierzytelniony RCE (CVSS 10.0)
Apple WebKit: out-of-bounds write umożliwiający ucieczkę z sandbox przeglądarki