CVE-2019-3554

2019-01-1522:00:00

CWE-400

facebook

www.cve.org

0.001 Low

EPSS

Percentile

42.6%

JSON

Wangle’s AcceptRoutingHandler incorrectly casts a socket when accepting a TLS 1.3 connection, leading to a potential denial of service attack against systems accepting such connections. This affects versions of Wangle prior to v2019.01.14.00

CNA Affected

[
  {
    "product": "Wangle",
    "vendor": "Facebook",
    "versions": [
      {
        "status": "affected",
        "version": "v2019.01.14.00"
      },
      {
        "lessThan": "v2019.01.14.00",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

github.com/facebook/wangle/commit/3b17ba10a82c71e7808760e027ac6af687e06074

0.001 Low

EPSS

Percentile

42.6%

JSON

Related for CVELIST:CVE-2019-3554