Please refer to the security guidelines set out in the apple/swift-nio repository: https://github.com/apple/swift-nio/blob/main/SECURITY.md
Security: apple/swift-nio-http2
Security
SECURITY.md
-
HTTP/2 Stream Cancellation AttackGHSA-qppj-fm5r-hxr3 published
Oct 10, 2023 by LukasaModerate -
CVE-2022-0618: Denial of service via HTTP/2 HEADERS frames paddingGHSA-q36x-r5x4-h4q6 published
Mar 10, 2022 by LukasaHigh -
CVE-2022-24668: Denial of service via ALTSVC or ORIGIN framesGHSA-pgfx-g6rc-8cjv published
Feb 11, 2022 by LukasaHigh -
CVE-2022-24667: Denial of service via mishandled HPACK variable length integer encodingGHSA-w3f6-pc54-gfw7 published
Feb 11, 2022 by LukasaHigh -
CVE-2022-24666: Denial of service via invalid HTTP/2 HEADERS frame lengthGHSA-ccw9-q5h2-8c2w published
Feb 11, 2022 by LukasaHigh -
CVE-2019-9518: Empty DATA frame floodingGHSA-crcg-r874-885f published
Aug 13, 2019 by LukasaHigh -
CVE-2019-9516: 0-length HEADERS memory leakGHSA-9cqv-v2w2-7j52 published
Aug 13, 2019 by LukasaHigh -
CVE-2019-9515: Settings floodGHSA-hv27-vjg3-m59x published
Aug 13, 2019 by LukasaHigh -
CVE-2019-9514: Reset FloodGHSA-qhcv-7x49-53pq published
Aug 13, 2019 by LukasaHigh -
CVE-2019-9512: Ping FloodGHSA-h4xr-xx3r-77hx published
Aug 13, 2019 by LukasaHigh
Learn more about advisories related to apple/swift-nio-http2 in the GitHub Advisory Database