Description
HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.
INFO
Published Date :
2024-04-04T19:21:41.984Z
Last Modified :
2025-11-04T22:06:02.830Z
Source :
apache
AFFECTED PRODUCTS
The following products are affected by CVE-2024-27316 vulnerability.
| Vendors | Products |
|---|---|
| Apache |
|
| Fedoraproject |
|
| Netapp |
|
| Redhat |
|
REFERENCES
Here, you will find a curated list of external links that provide in-depth information to CVE-2024-27316.
CVSS Vulnerability Scoring System
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact