nghttp2 -- Out of memory in nghttpd, nghttp, and libnghttp2_asio
Out of memory in nghttpd, nghttp, and libnghttp2_asio applications
due to unlimited incoming HTTP header fields.
nghttpd, nghttp, and libnghttp2_asio applications do not limit the memory usage
for the incoming HTTP header field. If peer sends specially crafted HTTP/2
HEADERS frames and CONTINUATION frames, they will crash with out of memory
Note that libnghttp2 itself is not affected by this vulnerability.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright