4 matches found
CVE-2023-44487
CVE-2023-44487 – HTTP/2 Rapid Reset DoS Root cause: HTTP/2 stream resets can cause servers to continue processing, leading to unbounded resource consumption and potential DoS when clients rapidly cancel streams. What’s affected: Various HTTP/2 implementations and deployments, including servers, p...
CVE-2019-11921
The CVE-2019-11921 issue affects Facebook Proxygen prior to version 2019.07.22.00, where an out-of-bounds write can be triggered by a specially crafted network packet due to improper Base64 handling when parsing malformed binary content in Structured HTTP Headers. Affected components are within P...
CVE-2020-1897
CVE-2020-1897 affects Facebook Proxygen (open‑source C++ HTTP libraries). The issue is a use‑after‑free caused by faulty lifetime management in the request adaptor when a malicious client triggers request error handling in a specific sequence. Affected versions are prior to Proxygen v2020.05.18.0...
CVE-2021-24029
Summary of CVE-2021-24029 (mvfst/proxygen) : A specially crafted QUIC message can trigger a crash via a failed assertion in mvfst, treated as a connection error per QUIC spec. The issue affects mvfst versions prior to commit a67083ff4b8dcbb7ee2839da6338032030d712b0 and proxygen versions prior to ...