Critical severity9.8NVD Advisory· Published Dec 4, 2019· Updated Jun 17, 2026
CVE-2019-11940
CVE-2019-11940
Description
In the course of decompressing HPACK inside the HTTP2 protocol, an unexpected sequence of header table resize operations can place the header table into a corrupted state, leading to a use-after-free condition and undefined behavior. This issue affects Proxygen from v0.29.0 until v2017.04.03.00.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: >=0.29.0, <2017.04.03.00
- Facebook/Proxygenv5Range: v2017.04.03.00
Patches
Vulnerability mechanics
References
2- github.com/facebook/proxygen/commit/f43b134cc5c19d8532e7fb670a1c02e85f7a8d4fnvdPatchThird Party Advisory
- www.facebook.com/security/advisories/cve-2019-11940nvdThird Party Advisory
News mentions
0No linked articles in our index yet.