Denial of service

2019-12-0416:15:00

PRIOn knowledge base

www.prio-n.com

0.002 Low

EPSS

Percentile

60.9%

JSON

In Mcrouter prior to v0.41.0, the deprecated ASCII parser would allocate a buffer to a user-specified length with no maximum length enforced, allowing for resource exhaustion or denial of service.

CPENameOperatorVersion
mcrouterlt0.41.0

CPE	Name	Operator	Version
	mcrouter	lt	0.41.0

References

github.com/facebook/mcrouter/commit/98ce6624cd2563cfdb5da3b2949d5e1e03867034

github.com/facebook/mcrouter/releases/tag/v0.41.0-release

www.facebook.com/security/advisories/cve-2019-11923

0.002 Low

EPSS

Percentile

60.9%

JSON

Related for PRION:CVE-2019-11923