Python Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.02.18.00.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: facebook

Published: 2019-05-06T15:15:02

Updated: 2024-08-04T19:12:09.557Z

Reserved: 2019-01-02T00:00:00

Link: CVE-2019-3558

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-05-06T16:29:00.990

Modified: 2024-11-21T04:42:09.783

Link: CVE-2019-3558

cve-icon Redhat

No data.