Proxygen Project: >> Proxygen Security Vulnerabilities
A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 priority settings (specifically a circular dependency). This affects Proxygen prior to v2018.12.31.00.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-12-31
An issue in the Proxygen handling of HTTP2 parsing of headers/trailers can lead to a denial-of-service attack. This affects Proxygen prior to v2018.12.31.00.
CVSS Score
7.5
EPSS Score
0.004
Published
2018-12-31
The SPDY/2 codec in Facebook Proxygen before 2015-11-09 allows remote attackers to conduct hijacking attacks and bypass ACL checks via a crafted host value.
CVSS Score
7.5
EPSS Score
0.003
Published
2017-04-10
The SPDY/2 codec in Facebook Proxygen before 2015-11-09 truncates a certain field to two bytes, which allows hijacking and injection attacks.
CVSS Score
9.8
EPSS Score
0.005
Published
2017-04-10
Facebook Proxygen before 2015-11-09 mismanages HTTPMessage.request state, which allows remote attackers to conduct hijacking attacks and bypass ACL checks.
CVSS Score
7.5
EPSS Score
0.003
Published
2017-04-10