Vulnerabilities > Facebook > Fizz > High

DATE CVE VULNERABILITY TITLE RISK
2023-05-18 CVE-2023-23759 Reachable Assertion vulnerability in Facebook Fizz
There is a vulnerability in the fizz library prior to v2023.01.30.00 where a CHECK failure can be triggered remotely.
network
low complexity
facebook CWE-617
7.5
2019-08-20 CVE-2019-11924 Allocation of Resources Without Limits or Throttling vulnerability in Facebook Fizz
A peer could send empty handshake fragments containing only padding which would be kept in memory until a full handshake was received, resulting in memory exhaustion.
network
low complexity
facebook CWE-770
7.5
2019-04-29 CVE-2019-3560 Infinite Loop vulnerability in Facebook Fizz
An improperly performed length calculation on a buffer in PlaintextRecordLayer could lead to an infinite loop and denial-of-service based on user input.
network
low complexity
facebook CWE-835
7.5