101 matches found
Denial of service
A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 settings which can cause the server to spend disproportionate resources. This affects all supported versions of HHVM 3.24.3 and 3.21.7 and below when using the proxygen server to handle HTTP2 requests...
CVE-2018-6332
A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 settings which can cause the server to spend disproportionate resources. This affects all supported versions of HHVM 3.24.3 and 3.21.7 and below when using the proxygen server to handle HTTP2 requests...
CVE-2018-6332
A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 settings which can cause the server to spend disproportionate resources. This affects all supported versions of HHVM 3.24.3 and 3.21.7 and below when using the proxygen server to handle HTTP2 requests...
UBUNTU-CVE-2018-6332
A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 settings which can cause the server to spend disproportionate resources. This affects all supported versions of HHVM 3.24.3 and 3.21.7 and below when using the proxygen server to handle HTTP2 requests...
CVE-2018-6332
A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 settings which can cause the server to spend disproportionate resources. This affects all supported versions of HHVM 3.24.3 and 3.21.7 and below when using the proxygen server to handle HTTP2 requests...
CVE-2018-6332
CVE-2018-6332: A denial-of-service issue in the Proxygen handling of invalid HTTP/2 settings can cause the HHVM Proxygen server to consume disproportionate resources. Affected: HHVM versions 3.24.3 and 3.21.7 and earlier when using the proxygen HTTP/2 handler. Root cause and impact are described ...
CVE-2018-6332
A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 settings which can cause the server to spend disproportionate resources. This affects all supported versions of HHVM 3.24.3 and 3.21.7 and below when using the proxygen server to handle HTTP2 requests...
PT-2018-17482 · Facebook · Hhvm
Name of the Vulnerable Software and Affected Versions: HHVM versions 3.24.3 and 3.21.7 and below Description: A potential denial-of-service issue exists in the Proxygen handling of invalid HTTP2 settings, causing the server to spend disproportionate resources when handling HTTP2 requests using th...
Facebook Proxygen Security Breach
Facebook Proxygen is a set of open source C++ HTTP class libraries from the U.S. company Facebook . A security vulnerability exists in versions of Facebook Proxygen prior to 2015-11-09 that stems from the program not properly managing the HTTPMessage.request state. A remote attacker can exploit t...
Facebook Proxygen Security Vulnerability (CNVD-2017-05674)
Facebook Proxygen is a set of open source C++ HTTP class libraries from the U.S. company Facebook . A security vulnerability exists in the SPDY/2 codec in versions of Facebook Proxygen prior to 2015-11-09. An attacker can exploit the vulnerability to perform hijacking and injection attacks...
Facebook Proxygen Security Bypass Vulnerability
Facebook Proxygen is a set of open source C++ HTTP class libraries from the U.S. company Facebook . A security vulnerability exists in the SPDY/2 codec in versions of Facebook Proxygen prior to 2015-11-09. A remote attacker can exploit the vulnerability with the help of a specially crafted host...
CVE-2015-7264
The SPDY/2 codec in Facebook Proxygen before 2015-11-09 truncates a certain field to two bytes, which allows hijacking and injection attacks...
CVE-2015-7265
Facebook Proxygen before 2015-11-09 mismanages HTTPMessage.request state, which allows remote attackers to conduct hijacking attacks and bypass ACL checks...
Design/Logic Flaw
The SPDY/2 codec in Facebook Proxygen before 2015-11-09 allows remote attackers to conduct hijacking attacks and bypass ACL checks via a crafted host value...
Design/Logic Flaw
The SPDY/2 codec in Facebook Proxygen before 2015-11-09 truncates a certain field to two bytes, which allows hijacking and injection attacks...
CVE-2015-7263
Facebook Proxygen’s SPDY/2 codec (pre-2015-11-09) is vended with a vulnerability that allows remote attackers to hijack sessions and bypass ACL checks by sending a crafted host value. Affected component: SPDY/2 codec in Proxygen. Underlying impact described in sources as partial integrity impact ...
CVE-2015-7264
Facebook Proxygen’s SPDY/2 codec contains a vulnerability (CVE-2015-7264) in versions prior to 2015-11-09 where a field is truncated to two bytes, enabling hijacking and injection attacks over the network. The issue affects the SPDY/2 handling within Proxygen; exploitation is described as enablin...
CVE-2015-7265
Facebook Proxygen (C++ HTTP library) prior to 2015-11-09 is affected by CVE-2015-7265 due to mismanagement of HTTPMessage.request state. The flaw enables remote hijacking and bypass of ACL checks. Affected versions are cited in multiple sources describing this issue; exploitation details are not ...
CVE-2015-7264
The SPDY/2 codec in Facebook Proxygen before 2015-11-09 truncates a certain field to two bytes, which allows hijacking and injection attacks...
CVE-2015-7265
Facebook Proxygen before 2015-11-09 mismanages HTTPMessage.request state, which allows remote attackers to conduct hijacking attacks and bypass ACL checks...