Security Advisory

CVE-2025-55181

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-02 22:13:31

Last updated 2025-12-03 00:33:57

Assigner Meta

State PUBLISHED

Description

Sending an HTTP request/response body with greater than 2^31 bytes triggers an infinite loop in proxygen::coro::HTTPQuicCoroSession which blocks the backing event loop and unconditionally appends data to a std::vector per-loop iteration. This issue leads to unbounded memory growth and eventually causes the process to run out of memory.

← Browse all CVEs View on cve.org ↗