Tempesta FW rate limits are not enabled by default. They are either set too large to capture empty CONTINUATION frames attacks or too small to handle normal HTTP requests appropriately.
https://nowotarski.info/http2-continuation-flood/
https://kb.cert.org/vuls/id/421644
https://www.kb.cert.org/vuls/id/421644
https://github.com/tempesta-tech/tempesta/security/advisories/GHSA-3xwj-5ch3-q9p4
http://www.openwall.com/lists/oss-security/2024/04/03/16
Source: Mitre, NVD
Published: 2024-04-03
Updated: 2026-04-15
Named Vulnerability: HTTP/2 CONTINUATION Flood
Base Score: 5
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
Severity: Medium
Base Score: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
EPSS: 0.7275