HTTP/2 CONTINUATION flood (CVE-2024-27316) on this connection
net.h2_continuation_flood · convicts
networklayer
automationcategory
1evaders caught
What it catches
CVE-2024-27316; endless CONTINUATION frames with no END_HEADERS — memory-exhaustion DoS
Signals it reads
network.h2_continuation_flood
How it fires
present
Evaders it caught 1
Bypassed by 10
Frontier evaders that reach the detector uncaught (scored only suspicious, defeating every convicting tell) — this check is not one that stops them. The red-team frontier this detection still has to convict.