PT-2020-15152 · Facebook · Proxygen

Published

2020-05-18

Updated

2020-05-19

CVE-2020-1897

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions proxygen versions prior to v2020.05.18.00

Description A use-after-free issue is possible due to an error in lifetime management in the request adaptor when a malicious client invokes request error handling in a specific sequence.

Recommendations For versions prior to v2020.05.18.00, update to version v2020.05.18.00 or later to resolve the issue.

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

CVE-2020-1897

Affected Products

Proxygen

PT-2020-15152 · Facebook · Proxygen

CVE-2020-1897

Weakness Enumeration

Related Identifiers

Affected Products

References · 4