Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2019-3565

UNKNOWN
Published 2019-05-06T15:15:02
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2019-3565. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

Legacy C++ Facebook Thrift servers (using cpp instead of cpp2) would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.05.06.00.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Facebook

Facebook Thrift

Affected Versions:

v2019.05.06.00 unspecified

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-j98f-h9mx-xrxq

Advisory Details

Legacy C++ Facebook Thrift servers (using cpp instead of cpp2) would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.05.06.00.

CVSS Scoring

CVSS Score

7.5

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2019-3565
WEB https://github.com/facebook/fbthrift/commit/01686e15ec77ccb4d49a77d5bce3a01601e54d64
WEB https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E
WEB https://www.facebook.com/security/advisories/cve-2019-3565
WEB http://www.securityfocus.com/bid/108280

Advisory provided by GitHub Security Advisory Database. Published: May 24, 2022, Modified: May 24, 2022

References

https://github.com/facebook/fbthrift/commit/01686e15ec77ccb4d49a77d5bce3a01601e54d64
https://www.facebook.com/security/advisories/cve-2019-3565
http://www.securityfocus.com/bid/108280
https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E
Published: 2019-05-06T15:15:02
Last Modified: 2024-08-04T19:12:09.598Z
Copied to clipboard!