CVE-2015-7263

Facebook Proxygen’s SPDY/2 codec (pre-2015-11-09) is vended with a vulnerability that allows remote attackers to hijack sessions and bypass ACL checks by sending a crafted host value. Affected component: SPDY/2 codec in Proxygen. Underlying impact described in sources as partial integrity impact ...

CVE-2018-6346

Summary: CVE-2018-6346 describes a potential denial-of-service in Facebook Proxygen caused by the handling of invalid HTTP/2 priority settings (circular dependency). Affected versions: Proxygen prior to 2018.12.31.00. Root cause: improper processing of priority frames leading to DoS; no exploit d...

CVE-2018-6347

CVE-2018-6347 describes a denial-of-service vulnerability in the Proxygen HTTP/2 parser, where handling of HTTP2 headers/trailers can be exploited to trigger a crash or partial outage. The issue affects Proxygen versions prior to 2018.12.31.00. The connected PT-2018-17494 entry and CNVD/NVD recor...

CVE-2015-7265

Facebook Proxygen (C++ HTTP library) prior to 2015-11-09 is affected by CVE-2015-7265 due to mismanagement of HTTPMessage.request state. The flaw enables remote hijacking and bypass of ACL checks. Affected versions are cited in multiple sources describing this issue; exploitation details are not ...

CVE-2015-7264

Facebook Proxygen’s SPDY/2 codec contains a vulnerability (CVE-2015-7264) in versions prior to 2015-11-09 where a field is truncated to two bytes, enabling hijacking and injection attacks over the network. The issue affects the SPDY/2 handling within Proxygen; exploitation is described as enablin...