Vulnerabilities > Facebook
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-25 | CVE-2019-11922 | Race Condition vulnerability in Facebook Zstandard A race condition in the one-pass compression functions of Zstandard prior to version 1.3.8 could allow an attacker to write bytes out of bounds if an output buffer smaller than the recommended size was used. | 8.1 |
| 2019-07-25 | CVE-2019-11921 | Out-of-bounds Write vulnerability in Facebook Proxygen An out of bounds write is possible via a specially crafted packet in certain configurations of Proxygen due to improper handling of Base64 when parsing malformed binary content in Structured HTTP Headers. | 9.8 |
| 2019-07-18 | CVE-2019-3570 | Out-of-bounds Write vulnerability in Facebook Hiphop Virtual Machine Call to the scrypt_enc() function in HHVM can lead to heap corruption by using specifically crafted parameters (N, r and p). | 9.8 |
| 2019-06-26 | CVE-2019-3569 | Exposure of Resource to Wrong Sphere vulnerability in Facebook Hhvm HHVM, when used with FastCGI, would bind by default to all available interfaces. | 7.5 |
| 2019-05-06 | CVE-2019-3565 | Improper Handling of Exceptional Conditions vulnerability in Facebook Thrift Legacy C++ Facebook Thrift servers (using cpp instead of cpp2) would not error upon receiving messages with containers of fields of unknown type. | 7.5 |
| 2019-05-06 | CVE-2019-3564 | Improper Handling of Exceptional Conditions vulnerability in Facebook Thrift Go Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. | 7.5 |
| 2019-05-06 | CVE-2019-3559 | Improper Handling of Exceptional Conditions vulnerability in Facebook Thrift Java Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. | 7.5 |
| 2019-05-06 | CVE-2019-3558 | Improper Handling of Exceptional Conditions vulnerability in Facebook Thrift Python Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. | 7.5 |
| 2019-05-06 | CVE-2019-3552 | Improper Handling of Exceptional Conditions vulnerability in Facebook Thrift C++ Facebook Thrift servers (using cpp2) would not error upon receiving messages with containers of fields of unknown type. | 7.5 |
| 2019-04-29 | CVE-2019-3563 | Out-of-bounds Write vulnerability in Facebook Wangle Wangle's LineBasedFrameDecoder contains logic for identifying newlines which incorrectly advances a buffer, leading to a potential underflow. | 9.8 |