Tag

CVE

2 posts tagged with this.

All posts RSS
  1. Official Blog
    · 2 min read

    Mitigating CVE-2023-44487: HTTP/2 Rapid Reset in .NET Apps

    CVE-2023-44487 exposes HTTP/2 servers to a high-amplification denial of service attack known as Rapid Reset. Learn exactly how it impacts ASP.NET Core applications on Kestrel and IIS, plus the updates, Kestrel configuration, and monitoring practices needed to keep your production sites online.
  2. Official Blog
    · 4 min read

    Mitigating CVE-2023-44487: HTTP/2 Rapid Reset on .NET Servers

    CVE-2023-44487 enables devastating DDoS attacks by exploiting HTTP/2 stream resets. Learn exactly which .NET and Windows components are vulnerable, the precise configuration changes required, and code examples that add rate limiting to your ASP.NET Core applications for robust protection.