amphp/http-client is vulnerable to Denial Of Service. The vulnerability is due to unbounded buffering of HTTP/2 CONTINUATION frames until the END_HEADERS flag is received, which results in a memory exhaustion crash.
CPE | Name | Operator | Version |
---|---|---|---|
amphp/http-client | le | v4.0.0 | |
amphp/http | le | v2.1.0 | |
amphp/http | le | v1.7.2 | |
amphp/http-client | le | v4.0.0 | |
amphp/http | le | v2.1.0 | |
amphp/http | le | v1.7.2 |