Multiple implementations of the HTTP/2 protocol are vulnerable to attacks that could consume sufficient resources to cause a denial-of-service (DoS) condition on unpatched servers.