{
  "affected": [
    {
      "ranges": [
        {
          "database_specific": {
            "versions": [
              {
                "introduced": "2018.10.29.00"
              },
              {
                "fixed": "2018.11.19.00"
              }
            ]
          },
          "events": [
            {
              "introduced": "8d1fbe4c21c29c1b5401f553f2d6f1a9aa2749c7"
            },
            {
              "fixed": "b87730ff5e019bd1280f91456a60b93dcc64a7c4"
            },
            {
              "fixed": "0600ebe59c3e82cd012def77ca9ca1918da74a71"
            }
          ],
          "repo": "https://github.com/facebook/proxygen",
          "type": "GIT"
        }
      ]
    }
  ],
  "details": "Proxygen fails to validate that a secondary auth manager is set before dereferencing it. That can cause a denial of service issue when parsing a Certificate/CertificateRequest HTTP2 Frame over a fizz (TLS 1.3) transport. This issue affects Proxygen releases starting from v2018.10.29.00 until the fix in v2018.11.19.00.",
  "id": "CVE-2018-6343",
  "modified": "2026-03-13T21:55:34.498058994Z",
  "published": "2018-12-31T22:29:00.527Z",
  "references": [
    {
      "type": "FIX",
      "url": "https://github.com/facebook/proxygen/commit/0600ebe59c3e82cd012def77ca9ca1918da74a71"
    }
  ],
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}