{"uuid": "653db60c-b39e-4838-acd5-0d5318a92f87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-31309", "type": "seen", "source": "https://t.me/arpsyndicate/4585", "content": "#ExploitObserverAlert\n\nCVE-2024-31309\n\nDESCRIPTION: Exploit Observer has 21 entries in 6 file formats related to CVE-2024-31309. HTTP/2 CONTINUATION\u00a0DoS attack can cause Apache Traffic Server to consume more resources on the server.\u00a0 Version from 8.0.0 through 8.1.9, from 9.0.0 through 9.2.3 are\u00a0affected.  Users can set a new setting (proxy.config.http2.max_continuation_frames_per_minute) to limit the number of CONTINUATION frames per minute. \u00a0ATS does have a fixed amount of memory a request can use and ATS adheres to these limits in previous releases. Users are recommended to upgrade to versions 8.1.10 or 9.2.4 which fixes the issue.\n\nFIRST-EPSS: 0.000430000\nARPS-EXPLOITABILITY: 0.7065795", "creation_timestamp": "2024-04-12T10:05:59.000000Z"}