The idle stream handling in nghttp2 prior to 1.6.0 allows malicious users to have unspecified impact via unknown vectors, aka a heap-use-after-free bug.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple mac os x |
||
apple iphone os |
||
apple tvos |
||
apple watchos |
||
nghttp2 nghttp2 |