PT-2019-16609 · Fizz · Fizz
Published
2019-04-29
·
Updated
2023-06-12
·
CVE-2019-3560
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
fizz versions prior to v2019.03.04.00
Description
The issue is related to an improperly performed length calculation on a buffer in PlaintextRecordLayer, which could lead to an infinite loop and denial-of-service based on user input.
Recommendations
For versions prior to v2019.03.04.00, update to version v2019.03.04.00 or later to resolve the issue.
Exploit
Fix
Infinite Loop
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Fizz