101 matches found
CVE-2018-6347
An issue in the Proxygen handling of HTTP2 parsing of headers/trailers can lead to a denial-of-service attack. This affects Proxygen prior to v2018.12.31.00...
CVE-2018-6343
Proxygen fails to validate that a secondary auth manager is set before dereferencing it. That can cause a denial of service issue when parsing a Certificate/CertificateRequest HTTP2 Frame over a fizz TLS 1.3 transport. This issue affects Proxygen releases starting from v2018.10.29.00 until the fi...
CVE-2018-6343
Proxygen fails to validate that a secondary auth manager is set before dereferencing it. That can cause a denial of service issue when parsing a Certificate/CertificateRequest HTTP2 Frame over a fizz TLS 1.3 transport. This issue affects Proxygen releases starting from v2018.10.29.00 until the fi...
CVE-2018-6347
An issue in the Proxygen handling of HTTP2 parsing of headers/trailers can lead to a denial-of-service attack. This affects Proxygen prior to v2018.12.31.00...
CVE-2018-6346
Summary: CVE-2018-6346 describes a potential denial-of-service in Facebook Proxygen caused by the handling of invalid HTTP/2 priority settings (circular dependency). Affected versions: Proxygen prior to 2018.12.31.00. Root cause: improper processing of priority frames leading to DoS; no exploit d...
CVE-2018-6343
Proxygen fails to validate that a secondary auth manager is set before dereferencing it. That can cause a denial of service issue when parsing a Certificate/CertificateRequest HTTP2 Frame over a fizz TLS 1.3 transport. This issue affects Proxygen releases starting from v2018.10.29.00 until the fi...
CVE-2018-6346
A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 priority settings specifically a circular dependency. This affects Proxygen prior to v2018.12.31.00...
CVE-2018-6346
A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 priority settings specifically a circular dependency. This affects Proxygen prior to v2018.12.31.00...
CVE-2018-6347
CVE-2018-6347 describes a denial-of-service vulnerability in the Proxygen HTTP/2 parser, where handling of HTTP2 headers/trailers can be exploited to trigger a crash or partial outage. The issue affects Proxygen versions prior to 2018.12.31.00. The connected PT-2018-17494 entry and CNVD/NVD recor...
CVE-2018-6343
CVE-2018-6343 affects Facebook Proxygen. The issue arises when Proxygen fails to validate that a secondary auth manager is set before dereferencing it during parsing of Certificate/CertificateRequest HTTP2 Frames over fizz (TLS 1.3), leading to potential denial of service. Affected versions are v...
CVE-2018-6347
An issue in the Proxygen handling of HTTP2 parsing of headers/trailers can lead to a denial-of-service attack. This affects Proxygen prior to v2018.12.31.00...
CVE-2018-6335
A Malformed h2 frame can cause 'std::outofrange' exception when parsing priority meta data. This behavior can lead to denial-of-service. This affects all supported versions of HHVM 3.25.2, 3.24.6, and 3.21.10 and below when using the proxygen server to handle HTTP2 requests...
Design/Logic Flaw
A Malformed h2 frame can cause 'std::outofrange' exception when parsing priority meta data. This behavior can lead to denial-of-service. This affects all supported versions of HHVM 3.25.2, 3.24.6, and 3.21.10 and below when using the proxygen server to handle HTTP2 requests...
CVE-2018-6335
A Malformed h2 frame can cause 'std::outofrange' exception when parsing priority meta data. This behavior can lead to denial-of-service. This affects all supported versions of HHVM 3.25.2, 3.24.6, and 3.21.10 and below when using the proxygen server to handle HTTP2 requests...
CVE-2018-6335
A Malformed h2 frame can cause 'std::outofrange' exception when parsing priority meta data. This behavior can lead to denial-of-service. This affects all supported versions of HHVM 3.25.2, 3.24.6, and 3.21.10 and below when using the proxygen server to handle HTTP2 requests...
UBUNTU-CVE-2018-6335
A Malformed h2 frame can cause 'std::outofrange' exception when parsing priority meta data. This behavior can lead to denial-of-service. This affects all supported versions of HHVM 3.25.2, 3.24.6, and 3.21.10 and below when using the proxygen server to handle HTTP2 requests...
PT-2018-17485 · Facebook · Hhvm
Name of the Vulnerable Software and Affected Versions: HHVM versions 3.25.2, 3.24.6, and 3.21.10 and below Description: The issue arises from a malformed h2 frame that causes an 'std::out of range' exception when parsing priority meta data, potentially leading to denial-of-service. This occurs wh...
PT-2018-17494 · Facebook · Proxygen
Name of the Vulnerable Software and Affected Versions: Proxygen versions prior to 2018.12.31.00 Description: An issue in the Proxygen handling of HTTP2 parsing of headers/trailers can lead to a denial-of-service attack. Recommendations: For versions prior to 2018.12.31.00, update to version...
PT-2018-17493 · Facebook · Proxygen
Name of the Vulnerable Software and Affected Versions: Proxygen versions prior to 2018.12.31.00 Description: A potential denial-of-service issue exists due to the handling of invalid HTTP2 priority settings, specifically a circular dependency, in Proxygen. Recommendations: For versions prior to...
Denial of service
A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 settings which can cause the server to spend disproportionate resources. This affects all supported versions of HHVM 3.24.3 and 3.21.7 and below when using the proxygen server to handle HTTP2 requests...