RSS   Podatności dla 'Thrift'   RSS

2021-04-14
 
CVE-2021-24028

CWE-763
 

 
An invalid free in Thrift's table-based serialization can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2021.02.22.00.

 
2020-03-18
 
CVE-2019-11939

CWE-770
 

 
Golang Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2020.03.16.00.

 
2020-03-10
 
CVE-2019-3553

CWE-770
 

 
C++ Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2020.02.03.00.

 
 
CVE-2019-11938

CWE-770
 

 
Java Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.12.09.00.

 
2019-05-06
 
CVE-2019-3565

CWE-20
 

 
Legacy C++ Facebook Thrift servers (using cpp instead of cpp2) would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.05.06.00.

 
 
CVE-2019-3564

CWE-20
 

 
Go Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.03.04.00.

 
 
CVE-2019-3559

CWE-20
 

 
Java Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.02.18.00.

 
 
CVE-2019-3558

CWE-20
 

 
Python Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.02.18.00.

 
 
CVE-2019-3552

CWE-20
 

 
C++ Facebook Thrift servers (using cpp2) would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.02.18.00.

 

 >>> Vendor: Facebook 26 Produkty
Facebook
Photouploader
Facebook messenger
Suriname radio
Instaroid - instagram viewer
Hiphop virtual machine
HHVM
React
BUCK
FIZZ
Wangle
Thrift
Osquery
Proxygen
Zstandard
Facebook for woocommerce
Nuclide
Mcrouter
Folly
Instagram
Hermes
React-dev-utils
Gameroom
Mvfst
React-native
Messenger


Copyright 2022, cxsecurity.com

 

Back to Top