CVE-2024-45863: Null Pointer Dereference
First published: Fri Sep 27 2024(Updated: )
A null-dereference vulnerability involving parsing requests specifying invalid protocols can cause the application to crash or potentially result in other undesirable effects. This issue affects Facebook Thrift from v2024.09.09.00 until v2024.09.23.00.
Credit: cve-assign@fb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Thrift | >=2024.09.09.00<=2024.09.23.00 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-45863?
CVE-2024-45863 is classified as a critical vulnerability due to its potential to cause application crashes and undesirable effects.
How do I fix CVE-2024-45863?
To fix CVE-2024-45863, upgrade Facebook Thrift to version 2024.09.24.00 or later.
What software is affected by CVE-2024-45863?
CVE-2024-45863 affects Facebook Thrift versions from 2024.09.09.00 to 2024.09.23.00.
What impacts can CVE-2024-45863 have on applications?
CVE-2024-45863 can lead to application crashes or other undesirable effects when processing requests with invalid protocols.
Is there a workaround for CVE-2024-45863?
There is no official workaround for CVE-2024-45863; the recommended solution is to upgrade to the latest version of Facebook Thrift.
- agent/weakness
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- agent/severity
- agent/event
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/facebook
- canonical/thrift