CVE-2019-11940

2019-12-04T17:16:00
ID CVE-2019-11940
Type cve
Reporter cve@mitre.org
Modified 2019-12-17T20:18:00

Description

In the course of decompressing HPACK inside the HTTP2 protocol, an unexpected sequence of header table resize operations can place the header table into a corrupted state, leading to a use-after-free condition and undefined behavior. This issue affects Proxygen from v0.29.0 until v2017.04.03.00.