CVE-2016-6581: DoS via HPACK bomb attack
(updated )
An HTTP/2 implementation built using the priority library could be targetted for a denial of service attack based on HPACK, specifically a so-called “HPACK Bomb” attack.
References
Detect and mitigate CVE-2016-6581 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →