Vulnerabilities (CVE)

Filtered by vendor Proxygen Project Subscribe
Filtered by product Proxygen
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-6347 1 Proxygen Project 1 Proxygen 2024-11-21 5.0 MEDIUM 7.5 HIGH
An issue in the Proxygen handling of HTTP2 parsing of headers/trailers can lead to a denial-of-service attack. This affects Proxygen prior to v2018.12.31.00.
CVE-2018-6346 1 Proxygen Project 1 Proxygen 2024-11-21 5.0 MEDIUM 7.5 HIGH
A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 priority settings (specifically a circular dependency). This affects Proxygen prior to v2018.12.31.00.
CVE-2015-7265 1 Proxygen Project 1 Proxygen 2024-11-21 5.0 MEDIUM 7.5 HIGH
Facebook Proxygen before 2015-11-09 mismanages HTTPMessage.request state, which allows remote attackers to conduct hijacking attacks and bypass ACL checks.
CVE-2015-7264 1 Proxygen Project 1 Proxygen 2024-11-21 7.5 HIGH 9.8 CRITICAL
The SPDY/2 codec in Facebook Proxygen before 2015-11-09 truncates a certain field to two bytes, which allows hijacking and injection attacks.
CVE-2015-7263 1 Proxygen Project 1 Proxygen 2024-11-21 5.0 MEDIUM 7.5 HIGH
The SPDY/2 codec in Facebook Proxygen before 2015-11-09 allows remote attackers to conduct hijacking attacks and bypass ACL checks via a crafted host value.