VYPR
Medium severity5.3NVD Advisory· Published Sep 6, 2016· Updated Jun 17, 2026

CVE-2016-7152

CVE-2016-7152

Description

The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

16

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.