Wangle's LineBasedFrameDecoder contains logic for identifying newlines which incorrectly advances a buffer, leading to a potential underflow. This affects versions of Wangle prior to v2019.04.22.00
{
"cpe": "cpe:2.3:a:facebook:wangle:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "2019.04.22.00"
}
],
"source": [
"CPE_RANGE",
"REFERENCES"
]
}[
{
"source": "https://github.com/facebook/wangle/commit/5b3bceca875e4ea4ed9d14c20b20ce46c92c13c6",
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"function_hash": "209862306761955283688617153797711746561",
"length": 470.0
},
"deprecated": false,
"id": "CVE-2019-3563-5754e038",
"target": {
"function": "LineBasedFrameDecoder::findEndOfLine",
"file": "wangle/codec/LineBasedFrameDecoder.cpp"
}
},
{
"source": "https://github.com/facebook/wangle/commit/5b3bceca875e4ea4ed9d14c20b20ce46c92c13c6",
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"line_hashes": [
"316347404982441586342694971964138432228",
"254508300517914634922767480531295796323",
"100883644009589782239601712373265476115",
"128216839699839833564535232473458388033",
"316519487855829563408192699816869100194"
],
"threshold": 0.9
},
"deprecated": false,
"id": "CVE-2019-3563-933456d1",
"target": {
"file": "wangle/codec/LineBasedFrameDecoder.cpp"
}
}
]
"2026-07-08T16:08:29Z"
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-3563.json"