VYPR

PyPI package

h2

pkg:pypi/h2

Vulnerabilities (1)

  • CVE-2025-57804MedAug 25, 2025
    affected < 4.3.0fixed 4.3.0

    h2 is a pure-Python implementation of a HTTP/2 protocol stack. Prior to version 4.3.0, an HTTP/2 request splitting vulnerability allows attackers to perform request smuggling attacks by injecting CRLF characters into headers. This occurs when servers downgrade HTTP/2 requests to