Denial of Service Vulnerability in Fizz Library Prior to Version 2023.01.30.00
CVE-2023-23759
7.5HIGH
What is CVE-2023-23759?
A vulnerability has been identified in the Fizz library versions prior to 2023.01.30.00, where a CHECK failure may be triggered remotely. This issue occurs when the client-supported cipher advertisement changes between the original ClientHello and the subsequent ClientHello, resulting in a crash of the process. The main consequence of this vulnerability is a denial of service, impacting the availability of applications using the affected library.
Affected Version(s)
fizz v0.0.0.0