Proxygen Project Proxygen — known CVE vulnerabilities
Every CVE whose affected-product data names Proxygen Project Proxygen, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2015-7264 — CVSS 9.8 (critical): The SPDY/2 codec in Facebook Proxygen before 2015-11-09 truncates a certain field to two bytes, which allows hijacking and injection…
CVE-2015-7263 — CVSS 7.5 (high): The SPDY/2 codec in Facebook Proxygen before 2015-11-09 allows remote attackers to conduct hijacking attacks and bypass ACL checks via a…
CVE-2015-7265 — CVSS 7.5 (high): Facebook Proxygen before 2015-11-09 mismanages HTTPMessage.request state, which allows remote attackers to conduct hijacking attacks and…
CVE-2018-6346 — CVSS 7.5 (high): A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 priority settings (specifically a circular dependency). This…
CVE-2018-6347 — CVSS 7.5 (high): An issue in the Proxygen handling of HTTP2 parsing of headers/trailers can lead to a denial-of-service attack. This affects Proxygen prior…