thrift

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Scalable cross-language services framework for IPC/RPC
Version 0.15.0-1 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-1568 0.13.0-1 0.14.0-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2020-13949 AVG-1568 Medium Yes Denial of service
Applications using Thrift before version 0.14.0 would not error upon receiving messages declaring containers of sizes larger than the payload. As a result,...

Advisories

Date Advisory Group Severity Type
27 Feb 2021 ASA-202102-43 AVG-1568 Medium denial of service