Security Advisory

CVE-2019-3553

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-03-10 20:30:21

Last updated 2024-08-04 19:12:09

Assigner facebook

State PUBLISHED

Description

C++ Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2020.02.03.00.

← Browse all CVEs View on cve.org ↗