0.002 Low
EPSS
Percentile
61.8%
Folly is vulnerable to denial of service (DoS) attack. It is possible because it causes an out-of-bounds read in AsyncSSLSocket due to mishandling of close_notify alerts.
AsyncSSLSocket
github.com/facebook/folly/commit/c321eb588909646c15aefde035fd3133ba32cdee
www.facebook.com/security/advisories/cve-2019-11934