oss-sec mailing list archives
CVE-2019-0210: Apache Thrift: out-of-bounds read vulnerability
From: "Jens Geyer" <jensg () apache org>
Date: Thu, 17 Oct 2019 00:46:17 +0200
CVE-2019-0210: Apache Thrift out-of-bounds read vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Thrift 0.9.3 to 0.12.0 Description: A server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data. Mitigation: Upgrade to version 0.13.0 Credit: This issue was reported by Alexandre Fiori of Facebook. On behalf of the Apache Thrift PMC, Jens Geyer
Current thread:
- CVE-2019-0210: Apache Thrift: out-of-bounds read vulnerability Jens Geyer (Oct 17)