C++ Facebook Thrift servers (using cpp2) would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.02.18.00.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: facebook
Published: 2019-05-06T15:15:02
Updated: 2024-08-04T19:12:09.356Z
Reserved: 2019-01-02T00:00:00
Link: CVE-2019-3552
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-05-06T16:29:00.913
Modified: 2024-11-21T04:42:09.180
Link: CVE-2019-3552
Redhat
No data.