VYPR

PyPI package

hpack

pkg:pypi/hpack

Vulnerabilities (1)

  • CVE-2016-6581HigJan 10, 2017
    affected >= 1.0.0, < 2.3.0fixed 2.3.0

    A HTTP/2 implementation built using any version of the Python HPACK library between v1.0.0 and v2.2.0 could be targeted for a denial of service attack, specifically a so-called "HPACK Bomb" attack. This attack occurs when an attacker inserts a header field that is exactly the siz