thrift

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Scalable cross-language services framework for IPC/RPC
Version 0.14.0-1 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-1568 0.13.0-1 0.14.0-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2020-13949 AVG-1568 Medium Yes Denial of service
Applications using Thrift before version 0.14.0 would not error upon receiving messages declaring containers of sizes larger than the payload. As a result,...