101 matches found
Fedora: Security Advisory (FEDORA-2023-acbee8f31a)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for proxygen (FEDORA-2023-7934802344)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 39 Update: proxygen-2023.10.16.00-1.fc39
Proxygen comprises the core C++ HTTP abstractions used at Facebook. Internally, it is used as the basis for building many HTTP servers, proxies, and clients. This release focuses on the common HTTP abstractions and our simple HTTPServer framework. Future releases will provide simple client APIs a...
Fedora: Security Advisory for proxygen (FEDORA-2023-17efd3f2cd)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 38 Update: proxygen-2023.10.16.00-1.fc38
Proxygen comprises the core C++ HTTP abstractions used at Facebook. Internally, it is used as the basis for building many HTTP servers, proxies, and clients. This release focuses on the common HTTP abstractions and our simple HTTPServer framework. Future releases will provide simple client APIs a...
[SECURITY] Fedora 37 Update: proxygen-2023.10.16.00-1.fc37
Proxygen comprises the core C++ HTTP abstractions used at Facebook. Internally, it is used as the basis for building many HTTP servers, proxies, and clients. This release focuses on the common HTTP abstractions and our simple HTTPServer framework. Future releases will provide simple client APIs a...
CVE-2021-24029
A packet of death scenario is possible in mvfst via a specially crafted message during a QUIC session, which causes a crash via a failed assertion. Per QUIC specification, this particular message should be treated as a connection error. This issue affects mvfst versions prior to commit...
CVE-2021-24029
A packet of death scenario is possible in mvfst via a specially crafted message during a QUIC session, which causes a crash via a failed assertion. Per QUIC specification, this particular message should be treated as a connection error. This issue affects mvfst versions prior to commit...
Session fixation
A packet of death scenario is possible in mvfst via a specially crafted message during a QUIC session, which causes a crash via a failed assertion. Per QUIC specification, this particular message should be treated as a connection error. This issue affects mvfst versions prior to commit...
CVE-2021-24029
Summary of CVE-2021-24029 (mvfst/proxygen) : A specially crafted QUIC message can trigger a crash via a failed assertion in mvfst, treated as a connection error per QUIC spec. The issue affects mvfst versions prior to commit a67083ff4b8dcbb7ee2839da6338032030d712b0 and proxygen versions prior to ...
CVE-2021-24029
A packet of death scenario is possible in mvfst via a specially crafted message during a QUIC session, which causes a crash via a failed assertion. Per QUIC specification, this particular message should be treated as a connection error. This issue affects mvfst versions prior to commit...
Facebook Proxygen 安全漏洞
Facebook Proxygen is a set of open source C++ HTTP libraries from Facebook, Inc. in the United States. A security vulnerability exists in proxygen versions prior to v2021.03.15.00, which originates from a crash via a failed assertion...
Facebook Proxygen Resource Management Error Vulnerability
Facebook Proxygen is a set of open source C++ HTTP class libraries from the U.S. company Facebook . A resource management error vulnerability exists in the lifecycle management of the request adaptor in versions prior to Facebook Proxygen v2020.05.18.00. An attacker can exploit this vulnerability...
CVE-2020-1897
A use-after-free is possible due to an error in lifetime management in the request adaptor when a malicious client invokes request error handling in a specific sequence. This issue affects versions of proxygen prior to v2020.05.18.00...
CVE-2020-1897
A use-after-free is possible due to an error in lifetime management in the request adaptor when a malicious client invokes request error handling in a specific sequence. This issue affects versions of proxygen prior to v2020.05.18.00...
Design/Logic Flaw
A use-after-free is possible due to an error in lifetime management in the request adaptor when a malicious client invokes request error handling in a specific sequence. This issue affects versions of proxygen prior to v2020.05.18.00...
CVE-2020-1897
CVE-2020-1897 affects Facebook Proxygen (open‑source C++ HTTP libraries). The issue is a use‑after‑free caused by faulty lifetime management in the request adaptor when a malicious client triggers request error handling in a specific sequence. Affected versions are prior to Proxygen v2020.05.18.0...
CVE-2020-1897
A use-after-free is possible due to an error in lifetime management in the request adaptor when a malicious client invokes request error handling in a specific sequence. This issue affects versions of proxygen prior to v2020.05.18.00...
Facebook Proxygen Resource Management Error Vulnerability
Facebook Proxygen is a set of open source C++ HTTP class libraries from the U.S. company Facebook . A resource management error vulnerability exists in Facebook Proxygen versions v0.29.0 through v2017.04.03.00. The vulnerability stems from the mismanagement of system resources e.g., memory, disk...
CVE-2019-11940
In the course of decompressing HPACK inside the HTTP2 protocol, an unexpected sequence of header table resize operations can place the header table into a corrupted state, leading to a use-after-free condition and undefined behavior. This issue affects Proxygen from v0.29.0 until v2017.04.03.00...