Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv3

CVE-2019-3560

Published: 29/04/2019 Updated: 07/11/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 447
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Fizz

Vulnerability Summary

An improperly performed length calculation on a buffer in PlaintextRecordLayer could lead to an infinite loop and denial-of-service based on user input. This issue affected versions of fizz prior to v2019.03.04.00.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

facebook fizz

Github Repositories

https://github.com/lennysec/awesome-tls-hacks

A collection of SSL/TLS security related resources.

Awesome SSL/TLS Hacks Contents Awesome SSL/TLS Hacks Contents SSL/TLS Protocol History SSL/TLS Hacks Cryptographic Issues CBC Issues RC4 Issues Compression Issues RSA Issues Implementation Issues Some Open Source Implementations of SSL/TLS OpenSSL Version History Vulnerabilities Fizz Vulnerabilities OpenSSL Vulnerabilities Tools Fuzzing Programing Scanning Others

https://github.com/paulveillard/cybersecurity-tls-security

A collection of awesome framework, libraries, learning tutorials, videos, webcasts, technical resources and cool stuff about SSL / TLS

Transport Layer Security (TLS): Theory, Techniques, and Tools An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about TLS in Cybersecurity Thanks to all contributors, you're awesome and wou

https://github.com/github/securitylab

Resources related to GitHub Security Lab

GitHub Security Lab This is the main git repository of GitHub Security Lab We use it for these main purposes: We share with our community some best practices about security research and vulnerability disclosures in our docs We use issues on this repo to track CodeQL bounty requests We use it for publishing some of our proof-of-concept exploits (after the vulnerability has be

https://github.com/lenny233/awesome-tls-hacks

A collection of SSL/TLS security related resources.

Awesome SSL/TLS Hacks Contents Awesome SSL/TLS Hacks Contents SSL/TLS Protocol History SSL/TLS Hacks Cryptographic Issues CBC Issues RC4 Issues Compression Issues RSA Issues Implementation Issues Some Open Source Implementations of SSL/TLS OpenSSL Version History Vulnerabilities Fizz Vulnerabilities OpenSSL Vulnerabilities Tools Fuzzing Programing Scanning Others

https://github.com/khulnasoft-lab/SecurityLab

GitHub Security Lab This is the main git repository of GitHub Security Lab We use it for these main purposes: We share with our community some best practices about security research and vulnerability disclosures in our docs We use issues on this repo to track CodeQL bounty requests We use it for publishing some of our proof-of-concept exploits (after the vulnerability has be

References

CWE-131CWE-835https://github.com/facebookincubator/fizz/commit/40bbb161e72fb609608d53b9d64c56bb961a6ee2http://packetstormsecurity.com/files/172836/polkit-Authentication-Bypass.htmlhttp://packetstormsecurity.com/files/172846/Facebook-Fizz-Denial-Of-Service.htmlhttps://nvd.nist.govhttps://github.com/lennysec/awesome-tls-hackshttps://lgtm.com/blog/facebook_fizz_CVE-2019-3560
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook