A Malformed h2 frame can cause 'std::out_of_range' exception when parsing priority meta data. This behavior can lead to denial-of-service. This affects all supported versions of HHVM (3.25.2, 3.24.6, and 3.21.10 and below) when using the proxygen server to handle HTTP2 requests.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
facebook hhvm |
||
facebook hhvm 3.24.6 |
||
facebook hhvm 3.25.2 |