Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A HTTP/2 implementation built using any version of the Python priority library prior to version 1.2.0 could be targeted by a malicious peer by having that peer assign priority information for every possible HTTP/2 stream ID. The priority tree would happily continue to store the priority information for each stream, and would therefore allocate unbounded amounts of memory. Attempting to actually use a tree like this would also cause extremely high CPU usage to maintain the tree.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Python priority library 安全漏洞
Vulnerability Description
Python priority library是一个使用Python编写的HTTP/2逻辑优先级的实现。 Python priority library 1.2.0之前的版本中的HTTP/2实现过程中存在安全漏洞。攻击者可利用该漏洞造成拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A