EUVD-2017-0099

Malware in sbrugna...

GHSA-H3Q4-6J7F-R24C priority vulnerable to denial of service

A HTTP/2 implementation built using any version of the Python priority library prior to version 1.2.0 could be targeted by a malicious peer by having that peer assign priority information for every possible HTTP/2 stream ID. The priority tree would happily continue to store the priority informati...

CVE-2016-6580

A HTTP/2 implementation built using any version of the Python priority library prior to version 1.2.0 could be targeted by a malicious peer by having that peer assign priority information for every possible HTTP/2 stream ID. The priority tree would happily continue to store the priority informati...

CVE-2016-6580

A HTTP/2 implementation built using any version of the Python priority library prior to version 1.2.0 could be targeted by a malicious peer by having that peer assign priority information for every possible HTTP/2 stream ID. The priority tree would happily continue to store the priority informati...

Design/Logic Flaw

A HTTP/2 implementation built using any version of the Python priority library prior to version 1.2.0 could be targeted by a malicious peer by having that peer assign priority information for every possible HTTP/2 stream ID. The priority tree would happily continue to store the priority informati...

CVE-2016-6580

CVE-2016-6580 affects HTTP/2 implementations built with the Python priority library older than 1.2.0. The vulnerability arises when a peer can assign priority information for every HTTP/2 stream ID, allowing the priority data structure to grow without bound, consuming memory and driving extremely...

CVE-2016-6580

A HTTP/2 implementation built using any version of the Python priority library prior to version 1.2.0 could be targeted by a malicious peer by having that peer assign priority information for every possible HTTP/2 stream ID. The priority tree would happily continue to store the priority informati...