Proxygen_project Proxygen
5 CVEs affecting Proxygen_project Proxygen. Latest disclosed: 2018-12-31. Critical: 1, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2015-7264 | Critical | 9.8 | 2017-04-10 | The SPDY/2 codec in Facebook Proxygen before 2015-11-09 truncates a certain field to two bytes, which allows hijacking and injection attacks. |
CVE-2018-6347 | High | 7.5 | 2018-12-31 | An issue in the Proxygen handling of HTTP2 parsing of headers/trailers can lead to a denial-of-service attack. This affects Proxygen prior to v2018.12.31.00. |
CVE-2018-6346 | High | 7.5 | 2018-12-31 | A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 priority settings (specifically a circular dependency). This affects Proxygen pri… |
CVE-2015-7265 | High | 7.5 | 2017-04-10 | Facebook Proxygen before 2015-11-09 mismanages HTTPMessage.request state, which allows remote attackers to conduct hijacking attacks and bypass ACL checks. |
CVE-2015-7263 | High | 7.5 | 2017-04-10 | The SPDY/2 codec in Facebook Proxygen before 2015-11-09 allows remote attackers to conduct hijacking attacks and bypass ACL checks via a crafted host value. |