101 matches found
CVE-2019-11940
In the course of decompressing HPACK inside the HTTP2 protocol, an unexpected sequence of header table resize operations can place the header table into a corrupted state, leading to a use-after-free condition and undefined behavior. This issue affects Proxygen from v0.29.0 until v2017.04.03.00...
Design/Logic Flaw
In the course of decompressing HPACK inside the HTTP2 protocol, an unexpected sequence of header table resize operations can place the header table into a corrupted state, leading to a use-after-free condition and undefined behavior. This issue affects Proxygen from v0.29.0 until v2017.04.03.00...
CVE-2019-11940
In the course of decompressing HPACK inside the HTTP2 protocol, an unexpected sequence of header table resize operations can place the header table into a corrupted state, leading to a use-after-free condition and undefined behavior. This issue affects Proxygen from v0.29.0 until v2017.04.03.00...
CVE-2019-11940
CVE-2019-11940 affects Facebook Proxygen (HTTP/2 HPACK decompression). An unexpected sequence of header-table resize operations can drive the HPACK header table into a corrupted state, causing a use-after-free and undefined behavior. Affected versions: Proxygen from v0.29.0 up to v2017.04.03.00. ...
CVE-2019-11921
An out of bounds write is possible via a specially crafted packet in certain configurations of Proxygen due to improper handling of Base64 when parsing malformed binary content in Structured HTTP Headers. This issue affects versions of proxygen prior to v2019.07.22.00...
CVE-2019-11921
An out of bounds write is possible via a specially crafted packet in certain configurations of Proxygen due to improper handling of Base64 when parsing malformed binary content in Structured HTTP Headers. This issue affects versions of proxygen prior to v2019.07.22.00...
Cross site scripting
An out of bounds write is possible via a specially crafted packet in certain configurations of Proxygen due to improper handling of Base64 when parsing malformed binary content in Structured HTTP Headers. This issue affects versions of proxygen prior to v2019.07.22.00...
CVE-2019-11921
An out of bounds write is possible via a specially crafted packet in certain configurations of Proxygen due to improper handling of Base64 when parsing malformed binary content in Structured HTTP Headers. This issue affects versions of proxygen prior to v2019.07.22.00...
CVE-2019-11921
The CVE-2019-11921 issue affects Facebook Proxygen prior to version 2019.07.22.00, where an out-of-bounds write can be triggered by a specially crafted network packet due to improper Base64 handling when parsing malformed binary content in Structured HTTP Headers. Affected components are within P...
Facebook Proxygen Buffer Overflow Vulnerability
Facebook Proxygen is a set of open source C++ HTTP class libraries from the U.S. company Facebook . A buffer overflow vulnerability exists in configurations in versions prior to Facebook Proxygen 2019.07.22.00. The vulnerability stems from a network system or product performing operations in memo...
Facebook Proxygen has an unspecified vulnerability
Facebook Proxygen is a set of open source C++ HTTP class libraries from the U.S. company Facebook . An unspecified vulnerability exists in Facebook Proxygen. An attacker could exploit this vulnerability to cause a denial of service...
Proxygen Denial of Service Vulnerability
Facebook Proxygen is an open source C++ HTTP library from Facebook Inc. HTTP2 Parser is one of the HTTP2 Hypertext Transfer Protocol 2.0 parser. A security vulnerability exists in the handling of headers/trailers by HTTP2 Parser in versions prior to Facebook Proxygen 2018.12.31.00. An attacker...
Proxygen Denial of Service Vulnerability (CNVD-2019-00956)
Facebook Proxygen is a set of open source C++ HTTP class libraries from the U.S. company Facebook . A security vulnerability exists in the handling of invalid HTTP2 priority settings in Facebook Proxygen versions prior to 2018.12.31.00. An attacker can exploit this vulnerability to cause a denial...
Denial of service
A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 priority settings specifically a circular dependency. This affects Proxygen prior to v2018.12.31.00...
Design/Logic Flaw
Proxygen fails to validate that a secondary auth manager is set before dereferencing it. That can cause a denial of service issue when parsing a Certificate/CertificateRequest HTTP2 Frame over a fizz TLS 1.3 transport. This issue affects Proxygen releases starting from v2018.10.29.00 until the fi...
Design/Logic Flaw
An issue in the Proxygen handling of HTTP2 parsing of headers/trailers can lead to a denial-of-service attack. This affects Proxygen prior to v2018.12.31.00...
CVE-2018-6343
Proxygen fails to validate that a secondary auth manager is set before dereferencing it. That can cause a denial of service issue when parsing a Certificate/CertificateRequest HTTP2 Frame over a fizz TLS 1.3 transport. This issue affects Proxygen releases starting from v2018.10.29.00 until the fi...
CVE-2018-6346
A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 priority settings specifically a circular dependency. This affects Proxygen prior to v2018.12.31.00...
CVE-2018-6347
An issue in the Proxygen handling of HTTP2 parsing of headers/trailers can lead to a denial-of-service attack. This affects Proxygen prior to v2018.12.31.00...
CVE-2018-6346
A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 priority settings specifically a circular dependency. This affects Proxygen prior to v2018.12.31.00...