2 matches found
CVE-2022-24666
A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. This vulnerability is caused by a logical error when parsing a HTTP/2 HEADERS fram...
CVE-2022-24666
The CVE-2022-24666 entry concerns swift-nio-http2, affected across versions 1.0.0 through 1.19.1. Root cause: a logic error when parsing an HTTP/2 HEADERS frame containing priority information without other data, causing a miscalculation of frame size and a subsequent parsing error that crashes t...