Skip to main content

Folly

3 CVEs product

Monthly

CVE-2021-24036 CRITICAL PATCH Act Now

Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading to an out of bounds write on the heap with the possibility of remote code execution.07.22.00.80.5, all. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Heap Overflow RCE Folly Hhvm
NVD GitHub
CVSS 3.1
9.8
EPSS
3.3%
CVE-2019-11934 CRITICAL PATCH Act Now

Improper handling of close_notify alerts can result in an out-of-bounds read in AsyncSSLSocket.11.04.00. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Folly
NVD GitHub
CVSS 3.1
9.8
EPSS
1.7%
CVE-2018-6337 HIGH PATCH This Week

folly::secureRandom will re-use a buffer between parent and child processes when fork() is called. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Folly Hhvm
NVD GitHub
CVSS 3.1
7.5
EPSS
1.8%
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading to an out of bounds write on the heap with the possibility of remote code execution.07.22.00.80.5, all. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Heap Overflow RCE +2
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Improper handling of close_notify alerts can result in an out-of-bounds read in AsyncSSLSocket.11.04.00. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Folly
NVD GitHub
EPSS 2% CVSS 7.5
HIGH PATCH This Week

folly::secureRandom will re-use a buffer between parent and child processes when fork() is called. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Folly Hhvm
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy