3 matches found
CVE-2019-3560
CVE-2019-3560 affects the Facebook Fizz component, specifically a bug in the PlaintextRecordLayer where an improper length calculation can cause an infinite loop, leading to a denial-of-service based on user input. Affected versions are fizz prior to v2019.03.04.00. The issue’s root cause is a fa...
CVE-2023-23759
Fizz library vulnerability CVE-2023-23759: A CHECK failure can be remotely triggered when the client-supported cipher advertisement changes between the original and a second ClientHello, crashing the process and causing denial of service. Affected versions are fizz prior to v2023.01.30.00. Remedi...
CVE-2019-11924
This CVE (CVE-2019-11924) affects the fizz library and is documented in multiple feeds (NVD, Red Hat, OSV, CVE listings). Impact: a peer can send empty handshake fragments that contain only padding, which are kept in memory until a full handshake is received, causing memory exhaustion. Affected v...