Go Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.03.04.00.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| github.com/facebook/fbthrift(Go) | 0 | 0.31.1-0.20190225164308-c461c1bd1a3e | N/A |
CVSS Metrics
