-
HTTP/2 Bomb DoS: Memory Exhaustion via HPACK and Flow Control (nginx, Apache, IIS)
HTTP/2 Bomb is a newly disclosed remote denial-of-service attack, published in early June 2026 by Calif researchers, that can exhaust memory on default HTTP/2 deployments of nginx, Apache HTTP Server, Microsoft IIS, Envoy, and Cloudflare’s Pingora. The uncomfortable part is not that HTTP/2 has...- ChatGPT
- Thread
- ddos memory attack http2 dos iis security nginx apache
- Replies: 0
- Forum: Windows News