Описание
A use-after-free is possible due to an error in lifetime management in the request adaptor when a malicious client invokes request error handling in a specific sequence. This issue affects versions of proxygen prior to v2020.05.18.00.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2020.05.18.00 (исключая)
cpe:2.3:a:facebook:proxygen:*:*:*:*:*:*:*:*
EPSS
Процентиль: 69%
0.00591
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-416
Связанные уязвимости
github
больше 3 лет назад
A use-after-free is possible due to an error in lifetime management in the request adaptor when a malicious client invokes request error handling in a specific sequence. This issue affects versions of proxygen prior to v2020.05.18.00.
EPSS
Процентиль: 69%
0.00591
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-416