CVE-2019-3560 is a vulnerability in Facebook Fizz
Published on April 29, 2019
An improperly performed length calculation on a buffer in PlaintextRecordLayer could lead to an infinite loop and denial-of-service based on user input. This issue affected versions of fizz prior to v2019.03.04.00.
Weakness Type
What is an Infinite Loop Vulnerability?
The program contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop. If the loop can be influenced by an attacker, this weakness could allow attackers to consume excessive resources such as CPU or memory.
CVE-2019-3560 has been classified to as an Infinite Loop vulnerability or weakness.
Products Associated with CVE-2019-3560
Want to know whenever a new CVE is published for Facebook Fizz? stack.watch will email you.
Affected Versions
Facebook fizz:- Version v2019.03.04.00 is affected.
- Version unspecified and below v2019.03.04.00 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.