admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-29 05:56:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2019/CVE-2019-35xx/CVE-2019-3558.json
cad-safe-bot 9d8babeec3 Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00

135 lines
4.0 KiB
JSON
Raw Blame History

{
"id": "CVE-2019-3558",
"sourceIdentifier": "cve-assign@fb.com",
"published": "2019-05-06T16:29:00.990",
"lastModified": "2023-11-07T03:09:53.793",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Python Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.02.18.00."
},
{
"lang": "es",
"value": "Los servidores Python de Facebook Thrift no cometer\u00edan errores al recibir mensajes con tit\u00falares de campos de tipo desconocido. Como resultado, los clientes maliciosos podr\u00edan enviar mensajes cortos, lo que llevar\u00eda mucho tiempo de an\u00e1lisis por parte del servidor, lo que podr\u00eda llevar a una Denegaci\u00f3n de Servicio (DoS). Este problema afecta a Facebook Thrift anterior a la versi\u00f3n v2019.02.18.00."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-755"
}
]
},
{
"source": "cve-assign@fb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-834"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:facebook:thrift:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2019.02.18.00",
"matchCriteriaId": "97E99CF8-B44E-4EC9-88CB-A7F8D186F951"
}
]
}
]
}
],
"references": [
{
"url": "http://www.securityfocus.com/bid/108274",
"source": "cve-assign@fb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://github.com/facebook/fbthrift/commit/c5d6e07588cd03061bc54d451a7fa6e84883d62b",
"source": "cve-assign@fb.com",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E",
"source": "cve-assign@fb.com"
},
{
"url": "https://www.facebook.com/security/advisories/cve-2019-3558",
"source": "cve-assign@fb.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink