Go modules package
github.com/facebook/fbthrift
pkg:golang/github.com/facebook/fbthrift
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-11939 | — | < 0.31.1-0.20200311080807-483ed864d69f | 0.31.1-0.20200311080807-483ed864d69f | Mar 18, 2020 | Golang Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This i | ||
| CVE-2019-3564 | — | < 0.31.1-0.20190225164308-c461c1bd1a3e | 0.31.1-0.20190225164308-c461c1bd1a3e | May 6, 2019 | Go Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affect |
- CVE-2019-11939Mar 18, 2020affected < 0.31.1-0.20200311080807-483ed864d69ffixed 0.31.1-0.20200311080807-483ed864d69f
Golang Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This i
- CVE-2019-3564May 6, 2019affected < 0.31.1-0.20190225164308-c461c1bd1a3efixed 0.31.1-0.20190225164308-c461c1bd1a3e
Go Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affect