6 matches found
SUSE CVE-2016-6581
A HTTP/2 implementation built using any version of the Python HPACK library between v1.0.0 and v2.2.0 could be targeted for a denial of service attack, specifically a so-called "HPACK Bomb" attack. This attack occurs when an attacker inserts a header field that is exactly the size of the HPACK...
h2 (=1.0.0) potentially affected by CVE-2016-6581 via hpack (=1.1.0)
hpack PYPI version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on hpack and may be impacted: - h2 =1.0.0 Source cves: CVE-2016-6581 Source advisory: OSV:PYSEC-2017-87...
UBUNTU-CVE-2016-6581
A HTTP/2 implementation built using any version of the Python HPACK library between v1.0.0 and v2.2.0 could be targeted for a denial of service attack, specifically a so-called "HPACK Bomb" attack. This attack occurs when an attacker inserts a header field that is exactly the size of the HPACK...
CVE-2016-6581
A HTTP/2 implementation built using any version of the Python HPACK library between v1.0.0 and v2.2.0 could be targeted for a denial of service attack, specifically a so-called "HPACK Bomb" attack. This attack occurs when an attacker inserts a header field that is exactly the size of the HPACK...
CVE-2016-6581
CVE-2016-6581 affects HTTP/2 implementations built with the Python HPACK library in versions 1.0.0 through 2.2.0. The vulnerability stems from an HPACK Bomb scenario: an attacker inserts a header field the size of the dynamic HPACK table into the table, then sends a header block that repeatedly e...
CVE-2016-6581
A HTTP/2 implementation built using any version of the Python HPACK library between v1.0.0 and v2.2.0 could be targeted for a denial of service attack, specifically a so-called "HPACK Bomb" attack. This attack occurs when an attacker inserts a header field that is exactly the size of the HPACK...