4 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-6581
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A HTTP/2 implementation built using any version of the Python HPACK library between v1.0.0 and v2.2.0 could be targeted for a denial of service attack,...
Design/Logic Flaw
A HTTP/2 implementation built using any version of the Python HPACK library between v1.0.0 and v2.2.0 could be targeted for a denial of service attack, specifically a so-called "HPACK Bomb" attack. This attack occurs when an attacker inserts a header field that is exactly the size of the HPACK...
PYSEC-2017-87
A HTTP/2 implementation built using any version of the Python HPACK library between v1.0.0 and v2.2.0 could be targeted for a denial of service attack, specifically a so-called "HPACK Bomb" attack. This attack occurs when an attacker inserts a header field that is exactly the size of the HPACK...
CVE-2016-6581
CVE-2016-6581 affects HTTP/2 implementations built with the Python HPACK library in versions 1.0.0 through 2.2.0. The vulnerability stems from an HPACK Bomb scenario: an attacker inserts a header field the size of the dynamic HPACK table into the table, then sends a header block that repeatedly e...