CVE-2024-45773

Summary

A use-after-free vulnerability involving upgradeToRocket requests can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2024.09.09.00.

Affected Software

VendorProductVersion RangeStatus
FacebookFacebook Thriftv0.0.0.0 < v2024.09.09.00affected

Weaknesses

  • Use After Free (CWE-416)

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References