CVE-2023-44487: HTTP/2 Rapid Reset Attack
harry-xm opened this issue · comments
harry-xm commented
Ⅰ. Issue Description
Tengine is likely affected by the recently disclosed CVE-2023-44487 vulnerability.
Ⅱ. Describe what happened
Nginx has committed a related changset in tip. https://hg.nginx.org/nginx/rev/cdda286c0f1b
Ⅲ. Describe what you expected to happen
Once Nginx releases complete fix for the vulnerability, incorporate their changes and release a new version of Tengine.