Two vulnerabilities were discovered in the HTTP/2 code of the libnghttp2-dev HTTP server, which could result in denial of service.