VYPR

Proxygen

by Facebook

CVEs (4)

  • CVE-2023-44487HigKEVOct 10, 2023
    risk 0.65cvss 7.5epss 1.00

    The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

  • CVE-2015-7264CriApr 10, 2017
    risk 0.64cvss 9.8epss 0.01

    The SPDY/2 codec in Facebook Proxygen before 2015-11-09 truncates a certain field to two bytes, which allows hijacking and injection attacks.

  • CVE-2015-7265HigApr 10, 2017
    risk 0.49cvss 7.5epss 0.01

    Facebook Proxygen before 2015-11-09 mismanages HTTPMessage.request state, which allows remote attackers to conduct hijacking attacks and bypass ACL checks.

  • CVE-2015-7263HigApr 10, 2017
    risk 0.49cvss 7.5epss 0.01

    The SPDY/2 codec in Facebook Proxygen before 2015-11-09 allows remote attackers to conduct hijacking attacks and bypass ACL checks via a crafted host value.