Facebook thrift
This hub aggregates every CVE we track for Facebook thrift, a product in the communications space. Use it to gauge the current risk picture and drill into individual advisories.
11
CVEs tracked
1
Critical
9
High
0
In CISA KEV
Severity distribution
HIGH9MEDIUM1CRITICAL1
Monthly trend
0
0
2
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 11 most recently published vulnerabilities affecting Facebook thrift.
- CVE-2024-45863A null-dereference vulnerability involving parsing requests specifying invalid protocols can cause the application to crash or potentially result in other undesirable effects. This issue affects Fa...5.3
- CVE-2024-45773A use-after-free vulnerability involving upgradeToRocket requests can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Faceboo...7.5
- CVE-2021-24028An invalid free in Thrift's table-based serialization can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift pri...9.8
- CVE-2019-11939Golang Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would re...7.5
- CVE-2019-3553C++ Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would resul...7.5
- CVE-2019-11938Java Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would resu...7.5
- CVE-2019-3559Java Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time...7.5
- CVE-2019-3558Python Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long ti...7.5
- CVE-2019-3552C++ Facebook Thrift servers (using cpp2) would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take...7.5
- CVE-2019-3565Legacy C++ Facebook Thrift servers (using cpp instead of cpp2) would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short mes...7.5
- CVE-2019-3564Go Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time f...7.5
Product normalization is registry-driven with AI assist and human review. How it works