A new vulnerability in HTTP/2, dubbed 'CONTINUATION Flood', enables DOS attacks via a single TCP connection.

The vulnerability involves sending lengthy HTTP/2 CONTINUATION frames to overwhelm and crash server CPUs.

Effects of the vulnerability vary, including DoS attacks, memory leaks, and excessive memory consumption.

Imperva's Cloud WAF already has defenses against this attack, with additional measures being implemented.

CERT/CC notes challenges in detecting the attacks, necessitating raw HTTP traffic analysis for identification.

Organizations are urged to address and mitigate the CONTINUATION Flood vulnerability to maintain online security.