2 matches found
CVE-2019-11924
A peer could send empty handshake fragments containing only padding which would be kept in memory until a full handshake was received, resulting in memory exhaustion. This issue affects versions v2019.01.28.00 and above of fizz, until v2019.08.05.00...
CVE-2019-11924
This CVE (CVE-2019-11924) affects the fizz library and is documented in multiple feeds (NVD, Red Hat, OSV, CVE listings). Impact: a peer can send empty handshake fragments that contain only padding, which are kept in memory until a full handshake is received, causing memory exhaustion. Affected v...