Products | Versions |
---|---|
TIBCO ActiveMatrix Service Grid | 3.4.1 |
The vulnerability GEM-2023-1012-01 Dashboard HTTP2 Denial of Service - Rapid Reset - CVE-2023-44487 was disclosed on Feb 8, 2024. For a detailed overview, see the following link:
==================
https://www.fortiguard.com/psirt/FG-IR-23-397
==================
This vulnerability affects Jetty and has a severity rating of High (7.5). The affected versions of Jetty span from 9.3.0 to 11.0.16. Fixes have been released in versions 9.4.53, 10.0.17, 11.0.17, and 12.0.2. Further details are in the Eclipse Jetty announcement at the link below:
====================
https://www.eclipse.org/lists/jetty-announce/msg00181.html
CVE: CVE-2023-44487
Severity: High (7.5)
Impacted Versions:
org.eclipse.jetty.http2:http2-common >= 9.3.0, <= 9.4.52
org.eclipse.jetty.http2:http2-common >= 10.0.0, <= 10.0.16
org.eclipse.jetty.http2:http2-common >= 11.0.0, <= 11.0.16
org.eclipse.jetty.http2:http2-server >= 9.3.0, <= 9.4.52
org.eclipse.jetty.http2:http2-server >= 10.0.0, <= 10.0.16
org.eclipse.jetty.http2:http2-server >= 11.0.0, <= 11.0.16
org.eclipse.jetty.http2:jetty-http2-common >= 12.0.0, <= 12.0.1
org.eclipse.jetty.http2:jetty-http2-server >= 12.0.0, <= 12.0.1
Fixed Versions:
9.4.53
10.0.17
11.0.17
12.0.2
===========
TIBCO ActiveMatrix Service Grid 3.4.1 / TIBCO BPM Enterprise 4.3.2 comes bundled with Jetty version 9.4.41, which includes support for the HTTP2 protocol.
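To check which Jetty HTTP2 jars in an installation fall inside the impacted ranges listed above, the following added example (not TIBCO's or Jetty's own code) matches jar file names against those ranges. The file names in `SAMPLE_JARS` and the `<artifact>-<version>.jar` naming pattern are assumptions; the check looks at file names only and does not tell whether HTTP2 is enabled.

```python
import os
import re

# Impacted ranges and fixed versions, copied from the advisory text above.
# Each entry: (artifact names, first impacted, last impacted, fixed version).
RANGES = [
    ({"http2-common", "http2-server"}, (9, 3, 0), (9, 4, 52), "9.4.53"),
    ({"http2-common", "http2-server"}, (10, 0, 0), (10, 0, 16), "10.0.17"),
    ({"http2-common", "http2-server"}, (11, 0, 0), (11, 0, 16), "11.0.17"),
    ({"jetty-http2-common", "jetty-http2-server"}, (12, 0, 0), (12, 0, 1), "12.0.2"),
]

# <artifact>-<major.minor.patch>[qualifier].jar; Jetty 9.x jars carry a build
# qualifier such as ".v20210516" after the numeric version.
JAR_RE = re.compile(
    r"^(?P<artifact>[a-z0-9-]+?)-(?P<version>\d+\.\d+\.\d+)(?:[.-][\w.-]+)?\.jar$"
)


def check_jar(path):
    """Return (artifact, version, fixed_version) for an impacted jar, else None."""
    m = JAR_RE.match(os.path.basename(path))
    if not m:
        return None
    version = tuple(int(part) for part in m.group("version").split("."))
    for artifacts, first, last, fixed in RANGES:
        if m.group("artifact") in artifacts and first <= version <= last:
            return m.group("artifact"), m.group("version"), fixed
    return None


def scan(paths):
    """Check every path and keep only the impacted jars."""
    return [hit for hit in (check_jar(p) for p in paths) if hit]


# Constructed sample file names (not a listing from a real installation).
SAMPLE_JARS = [
    "lib/http2-server-9.4.41.v20210516.jar",   # in the 9.3.0 - 9.4.52 range
    "lib/http2-common-9.4.53.v20231009.jar",   # fixed version
    "lib/jetty-http2-server-12.0.1.jar",       # in the 12.0.0 - 12.0.1 range
    "lib/jetty-server-9.4.41.v20210516.jar",   # artifact not in the advisory list
]

if __name__ == "__main__":
    for artifact, version, fixed in scan(SAMPLE_JARS):
        print(f"{artifact} {version} is impacted; fixed in {fixed}")
```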