Description
Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.
Remediation
References
Related Vulnerabilities
WordPress Plugin Survey Maker-Best WordPress Survey Unspecified Vulnerability (3.2.0)
WordPress Plugin Captcha by BestWebSoft Security Bypass (4.0.6)
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-6897)
ownCloud Improper Authentication Vulnerability (CVE-2012-4392)
Zope Web Application Server Other Vulnerability (CVE-2007-0240)