In Tomcat vulnerability CVE-2020-13943 Detail, what is concurrent streams for a connection?


Question


As per the recently logged vulnerability CVE-2020-13943 in Tomcat, it says that:

> If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to
> 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection (in violation of
> the HTTP/2 protocol), it was possible that a subsequent request made
> on that connection could contain HTTP headers - including HTTP/2
> pseudo headers - from a previous request rather than the intended
> headers. This could lead to users seeing responses for unexpected
> resources.

In Tomcat I understand what a connection is and what threads are, which are maintained with the maxThreads and maxConnections properties, and how this is impacted by BIO/NIO configurations.

But here, what does this maximum number of concurrent streams for a connection mean? What are these concurrent streams for a connection? And how can this be managed?

Answer 1

Score: 4


Streams are part of the HTTP/2 protocol. Each stream represents a single request. Multiple streams are sent over the same network connection. The protocol includes a mechanism for controlling the maximum number of concurrently active streams. This particular vulnerability occurs when the client starts more than the agreed number of concurrent streams. This should never happen for a specification-compliant client.

You can set the maximum number of concurrent streams Tomcat will allow a client to send via the maxConcurrentStreams attribute of the HTTP2 protocol element. This should have no impact on this vulnerability as the client should always honour whatever value is set.
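The stream accounting described in the answer, as an added example that is not part of the original answer and is not Tomcat's code: a server-side model of one connection that reads the limit from a SETTINGS payload and refuses any stream opened beyond it. The `Connection` class, its methods and `demo` are hypothetical names; the setting identifier and error code are the ones defined in RFC 7540, and the SETTINGS payload is constructed.

```python
"""Model of HTTP/2 concurrent-stream accounting (RFC 7540, section 5.1.2)."""
import struct

SETTINGS_MAX_CONCURRENT_STREAMS = 0x3   # setting identifier from RFC 7540
REFUSED_STREAM = 0x7                    # error code from RFC 7540


def parse_settings(payload: bytes) -> dict:
    """Decode a SETTINGS frame payload: repeated (16-bit id, 32-bit value)."""
    if len(payload) % 6:
        raise ValueError("SETTINGS payload must be a multiple of 6 bytes")
    return {ident: value for ident, value in struct.iter_unpack("!HI", payload)}


class Connection:
    """Hypothetical server-side view of one connection carrying many streams."""

    def __init__(self, max_concurrent_streams: int):
        self.limit = max_concurrent_streams
        self.open_streams = set()
        self.last_stream_id = 0

    def on_headers(self, stream_id: int) -> str:
        """Client opens a stream (one request). Returns the server's action."""
        # Client-initiated streams use odd ids that only ever increase.
        if stream_id % 2 == 0 or stream_id <= self.last_stream_id:
            return "PROTOCOL_ERROR"
        self.last_stream_id = stream_id
        if len(self.open_streams) >= self.limit:
            # Over the advertised limit: refuse and keep no per-stream state.
            return f"RST_STREAM({REFUSED_STREAM})"
        self.open_streams.add(stream_id)
        return "ACCEPT"

    def on_end_of_response(self, stream_id: int) -> None:
        """Stream closed, so its slot becomes available again."""
        self.open_streams.discard(stream_id)


def demo() -> list:
    # Constructed SETTINGS payload advertising a limit of 2 streams.
    payload = struct.pack("!HI", SETTINGS_MAX_CONCURRENT_STREAMS, 2)
    limit = parse_settings(payload)[SETTINGS_MAX_CONCURRENT_STREAMS]
    conn = Connection(limit)
    actions = [conn.on_headers(sid) for sid in (1, 3, 5)]  # third exceeds limit
    conn.on_end_of_response(1)
    actions.append(conn.on_headers(7))                     # a slot was freed
    return actions
```

The limit counts streams that are open at the same moment, not the total number of requests made over the connection, which is why stream 7 is accepted once stream 1 has finished.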

Posted on 2020-10-14 12:53:34 (source: https://go.coder-hub.com/64346807.html)