cvedb.io
CVE-2023-23759
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2023-05-18T22:15:09.597 · Last modified 2026-06-17T05:37:52.033

Summary

There is a vulnerability in the fizz library prior to v2023.01.30.00 where a CHECK failure can be triggered remotely. This behavior requires the client supported cipher advertisement changing between the original ClientHello and the second ClientHello, crashing the process (impact is limited to denial of service).

Affected products

facebook — fizz

Does this affect you?

Add your gear to cvedb and we'll alert you only when facebook ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.