📦 Proxygen

CVE-2023-44487 is an HTTP/2 protocol vulnerability that allows attackers to cause denial of service by rapidly resetting streams, consuming server resources. This affects any system using HTTP/2, incl...

This CVE describes a denial-of-service vulnerability in mvfst and proxygen QUIC implementations where a specially crafted QUIC message triggers a failed assertion, causing a crash. Attackers can disru...

This vulnerability in Proxygen's HTTPQuicCoroSession allows an attacker to trigger an infinite loop and unbounded memory growth by sending HTTP request/response bodies larger than 2^31 bytes. This lea...