Filtered by vendor Facebook
Subscriptions
Filtered by product Thrift
Subscriptions
Total
11 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-45773 | 1 Facebook | 1 Thrift | 2024-09-30 | 7.5 High |
| A use-after-free vulnerability involving upgradeToRocket requests can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2024.09.09.00. | ||||
| CVE-2024-45863 | 1 Facebook | 1 Thrift | 2024-09-30 | 5.3 Medium |
| A null-dereference vulnerability involving parsing requests specifying invalid protocols can cause the application to crash or potentially result in other undesirable effects. This issue affects Facebook Thrift from v2024.09.09.00 until v2024.09.23.00. | ||||
| CVE-2019-11939 | 1 Facebook | 1 Thrift | 2024-08-04 | 7.5 High |
| Golang Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2020.03.16.00. | ||||
| CVE-2019-11938 | 1 Facebook | 1 Thrift | 2024-08-04 | 7.5 High |
| Java Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.12.09.00. | ||||
| CVE-2019-3565 | 1 Facebook | 1 Thrift | 2024-08-04 | 7.5 High |
| Legacy C++ Facebook Thrift servers (using cpp instead of cpp2) would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.05.06.00. | ||||
| CVE-2019-3558 | 1 Facebook | 1 Thrift | 2024-08-04 | 7.5 High |
| Python Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.02.18.00. | ||||
| CVE-2019-3564 | 1 Facebook | 1 Thrift | 2024-08-04 | 7.5 High |
| Go Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.03.04.00. | ||||
| CVE-2019-3553 | 1 Facebook | 1 Thrift | 2024-08-04 | 7.5 High |
| C++ Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2020.02.03.00. | ||||
| CVE-2019-3559 | 1 Facebook | 1 Thrift | 2024-08-04 | 7.5 High |
| Java Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.02.18.00. | ||||
| CVE-2019-3552 | 1 Facebook | 1 Thrift | 2024-08-04 | 7.5 High |
| C++ Facebook Thrift servers (using cpp2) would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.02.18.00. | ||||
| CVE-2021-24028 | 1 Facebook | 1 Thrift | 2024-08-03 | 9.8 Critical |
| An invalid free in Thrift's table-based serialization can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2021.02.22.00. | ||||
Page 1 of 1.