UBUNTU-CVE-2018-6332
- Source
- https://ubuntu.com/security/CVE-2018-6332
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-6332.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2018-6332
- Upstream
- Published
- 2018-12-03T14:29:00Z
- Modified
- 2025-10-24T04:46:54Z
- Severity
-
- 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- 5.9 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 settings which can cause the server to spend disproportionate resources. This affects all supported versions of HHVM (3.24.3 and 3.21.7 and below) when using the proxygen server to handle HTTP2 requests.
- References
Affected packages
Ubuntu:16.04:LTS / hhvm
Package
- Name
- hhvm
- Purl
- pkg:deb/ubuntu/hhvm@3.11.1+dfsg-1ubuntu1?arch=source&distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:18.04:LTS / hhvm
Package
- Name
- hhvm
- Purl
- pkg:deb/ubuntu/hhvm@3.21.0+dfsg-2ubuntu2?arch=source&distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
3.*
3.21.0+dfsg-2
3.21.0+dfsg-2build1
3.21.0+dfsg-2build2
3.21.0+dfsg-2build3
3.21.0+dfsg-2ubuntu2