Filtered by vendor Facebook
Subscriptions
Filtered by product Thrift
Subscriptions
Total
11 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-24028 | 1 Facebook | 1 Thrift | 2024-11-21 | 9.8 Critical |
An invalid free in Thrift's table-based serialization can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2021.02.22.00. | ||||
CVE-2019-3565 | 1 Facebook | 1 Thrift | 2024-11-21 | 7.5 High |
Legacy C++ Facebook Thrift servers (using cpp instead of cpp2) would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.05.06.00. | ||||
CVE-2019-3564 | 1 Facebook | 1 Thrift | 2024-11-21 | 7.5 High |
Go Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.03.04.00. | ||||
CVE-2019-3559 | 1 Facebook | 1 Thrift | 2024-11-21 | 7.5 High |
Java Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.02.18.00. | ||||
CVE-2019-3558 | 1 Facebook | 1 Thrift | 2024-11-21 | 7.5 High |
Python Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.02.18.00. | ||||
CVE-2019-3553 | 1 Facebook | 1 Thrift | 2024-11-21 | 7.5 High |
C++ Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2020.02.03.00. | ||||
CVE-2019-3552 | 1 Facebook | 1 Thrift | 2024-11-21 | 7.5 High |
C++ Facebook Thrift servers (using cpp2) would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.02.18.00. | ||||
CVE-2019-11939 | 1 Facebook | 1 Thrift | 2024-11-21 | 7.5 High |
Golang Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2020.03.16.00. | ||||
CVE-2019-11938 | 1 Facebook | 1 Thrift | 2024-11-21 | 7.5 High |
Java Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.12.09.00. | ||||
CVE-2024-45863 | 1 Facebook | 1 Thrift | 2024-09-30 | 5.3 Medium |
A null-dereference vulnerability involving parsing requests specifying invalid protocols can cause the application to crash or potentially result in other undesirable effects. This issue affects Facebook Thrift from v2024.09.09.00 until v2024.09.23.00. | ||||
CVE-2024-45773 | 1 Facebook | 1 Thrift | 2024-09-30 | 7.5 High |
A use-after-free vulnerability involving upgradeToRocket requests can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2024.09.09.00. |
Page 1 of 1.