CVE-2019-11940

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2019-11940

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-11940.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-11940

Published

2019-12-04T17:16:43.773Z

Modified

2026-04-11T08:05:32.230643Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

In the course of decompressing HPACK inside the HTTP2 protocol, an unexpected sequence of header table resize operations can place the header table into a corrupted state, leading to a use-after-free condition and undefined behavior. This issue affects Proxygen from v0.29.0 until v2017.04.03.00.

References

Affected packages

Git / github.com/facebook/proxygen

Affected ranges

Type

GIT

Repo

https://github.com/facebook/proxygen

Events

Introduced

ad1f5dc3c90d6215e322360d77bbd920f846d27b

Last affected

ce3fed75c6336befb65a3ccda22ab2157ec03d21

Fixed

f43b134cc5c19d8532e7fb670a1c02e85f7a8d4f

Database specific

{
    "versions": [
        {
            "introduced": "0.29.0"
        },
        {
            "last_affected": "2017.04.03.00"
        }
    ]
}

Affected versions

v0.*

v0.29.0

v0.30.0

v0.32.0

v2017.*

v2017.01.16.00

v2017.01.23.00

v2017.01.30.00

v2017.03.06.00

v2017.03.13.00

v2017.03.20.00

v2017.03.27.00

v2017.04.03.00

Database specific

vanir_signatures_modified

"2026-04-11T08:05:32Z"

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-11940.json"

vanir_signatures

[
    {
        "digest": {
            "length": 346.0,
            "function_hash": "21166485523548710051446224941708954679"
        },
        "target": {
            "file": "proxygen/lib/http/codec/compress/test/HeaderTableTests.cpp",
            "function": "TEST_F"
        },
        "signature_type": "Function",
        "signature_version": "v1",
        "deprecated": false,
        "id": "CVE-2019-11940-2ddc95bb",
        "source": "https://github.com/facebook/proxygen/commit/f43b134cc5c19d8532e7fb670a1c02e85f7a8d4f"
    },
    {
        "digest": {
            "length": 648.0,
            "function_hash": "25486112264607848014138733967360462091"
        },
        "target": {
            "file": "proxygen/lib/http/codec/compress/HeaderTable.cpp",
            "function": "HeaderTable::setCapacity"
        },
        "signature_type": "Function",
        "signature_version": "v1",
        "deprecated": false,
        "id": "CVE-2019-11940-40fc9835",
        "source": "https://github.com/facebook/proxygen/commit/f43b134cc5c19d8532e7fb670a1c02e85f7a8d4f"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "336560484748564292367235360124600627475",
                "194012771022906866654595091907762216066",
                "319063308610103975639231838176371475086",
                "47637350694475059968459539003168866672",
                "43242072634008767034200844269448053031",
                "311882678757473976651453688201920299385",
                "236857004845871867870014788386766523366",
                "64503926374602396102436628111001947453",
                "124109443435058216870680709077665140745",
                "52061995476752509109891575878439199120",
                "299249286436121815051166887417592582646",
                "277581897779600535075354122557290331276",
                "334152331315935516402785397710284283589",
                "190803557455902510098399633803643093264",
                "182142028638340357898326674853170309840",
                "312762299055548932732662490174368497676",
                "176995283909458610877271893543871218167",
                "158308923287701722688802042593465749672",
                "160052967855522841106439517952431877168",
                "272951543047724948916863401728721185573",
                "29462428018723721956168612816697304807",
                "151990742365042294460776048106558740233",
                "75407180318704451699303769443305508093"
            ]
        },
        "target": {
            "file": "proxygen/lib/http/codec/compress/HeaderTable.cpp"
        },
        "signature_type": "Line",
        "signature_version": "v1",
        "deprecated": false,
        "id": "CVE-2019-11940-9f132c56",
        "source": "https://github.com/facebook/proxygen/commit/f43b134cc5c19d8532e7fb670a1c02e85f7a8d4f"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "317316444821647221601752569330905983995",
                "126247991294599374789656917152494322434",
                "103847973455558538065419659606559889123",
                "138776251203649851595885584487224225762",
                "293352389044534755756806541305421461114",
                "271131021873889377160005489723689109485",
                "128145668089555987622109629251392108897",
                "274644670122308427999199587483171655667",
                "283086251321536236102059658596525427450",
                "108090834276371216710205156512230415329",
                "44865561126338705522649296006553487050",
                "138748585378520695538421306063267146516"
            ]
        },
        "target": {
            "file": "proxygen/lib/http/codec/compress/test/HeaderTableTests.cpp"
        },
        "signature_type": "Line",
        "signature_version": "v1",
        "deprecated": false,
        "id": "CVE-2019-11940-f944feae",
        "source": "https://github.com/facebook/proxygen/commit/f43b134cc5c19d8532e7fb670a1c02e85f7a8d4f"
    }
]