Mcrouter prior to v0.41.0 Uncontrolled Resource Consumption Vulnerability
Mcrouter prior to v0.41.0 suffers from uncontrolled resource consumption vulnerability.
The information has been provided by Vendor
The original article can be found at:https://github.com/facebook/mcrouter/releases/tag/v0.41.0-release
In Mcrouter prior to v0.41.0, the deprecated ASCII parser would allocate a buffer to a user-specified length with no maximum length enforced, allowing for resource exhaustion or denial of service.
Mcrouter prior to v0.41.0