VYPR
Critical severity9.8NVD Advisory· Published Apr 2, 2017· Updated Jun 17, 2026

CVE-2017-2428

CVE-2017-2428

Description

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves nghttp2 before 1.17.0 in the "HTTPProtocol" component. It allows remote HTTP/2 servers to have an unspecified impact via unknown vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

9
  • cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
    Range: <=10.2.1
  • cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
    Range: <=10.12.3
  • Apple Inc./tvOS2 versions
    cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*range: <=10.1.1
    • (no CPE)range: <10.2
  • cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*range: <=3.1.3
    • (no CPE)range: <3.2
  • Apple Inc./macOSllm-fuzzy
    Range: <10.12.4
  • Nghttp2/Nghttp2llm-fuzzy
    Range: <1.17.0
  • Apple Inc./iOSllm-fuzzy
    Range: <10.3

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.