1. Critical HTTP/2 DoS Flaw CVE-2023-44487 Forces Major Build Pinning in Eclipse Jetty Project
A critical vulnerability in the Eclipse Jetty project has forced a significant and complex build-system intervention to mitigate a denial-of-service risk. The flaw, CVE-2023-44487, is an HTTP/2 Rapid Reset Attack that allows an attacker to bypass concurrent stream limits and cause a DoS condition through rapid stream c...