CVE-2019-11938

Java Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.12.09.00.
Configurations

Configuration 1

cpe:2.3:a:facebook:thrift:*:*:*:*:*:*:*:*

Information

Published : 2020-03-10 09:15

Updated : 2020-03-11 04:21


NVD link : CVE-2019-11938

Mitre link : CVE-2019-11938

Products Affected
No products.
CWE