An improperly performed length calculation on a buffer in PlaintextRecordLayer could lead to an infinite loop and denial-of-service based on user input. This issue affected versions of fizz prior to v2019.03.04.00.
{
"source": [
"CPE_RANGE",
"REFERENCES"
],
"cpe": "cpe:2.3:a:facebook:fizz:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "2019.03.04.00"
}
]
}"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-3560.json"
[
{
"id": "CVE-2019-3560-0f27f8d0",
"signature_type": "Function",
"signature_version": "v1",
"source": "https://github.com/facebookincubator/fizz/commit/40bbb161e72fb609608d53b9d64c56bb961a6ee2",
"deprecated": false,
"digest": {
"function_hash": "218404739379754356069635748324794749765",
"length": 2017.0
},
"target": {
"function": "PlaintextReadRecordLayer::read",
"file": "fizz/record/PlaintextRecordLayer.cpp"
}
},
{
"id": "CVE-2019-3560-521ba176",
"signature_type": "Line",
"signature_version": "v1",
"source": "https://github.com/facebookincubator/fizz/commit/40bbb161e72fb609608d53b9d64c56bb961a6ee2",
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"284874508492167448417475876770024785434",
"73827099726767433453257000164984413602",
"1884291685735021107780733353913913979",
"154503829010250883649497091671471392945",
"127863923093738618575146065361892343137",
"272542403893425600602578121969568237263"
]
},
"target": {
"file": "fizz/record/PlaintextRecordLayer.cpp"
}
}
]
"2026-07-08T16:08:43Z"