View at Official debian advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2023-44487 end-of-life priority: Debian including 12 source packages (dnsdist, grpc, …), 54 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 41, open 13.
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.