Page 3 of 16 results (0.009 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Java Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.02.18.00. Los servidores Java Facebook Thrift no detectaban un error al recibir mensajes con campo de contenido de tipo desconocido. Como resultado, clientes maliciosos podrían enviar mensajes cortos los cuales tomarían un largo periodo de tiempo de proceso al servidor, podría llevar a una potencial denegación de servicio. • https://github.com/facebook/fbthrift/commit/a56346ceacad28bf470017a6bda1d5518d0bd943 https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E https://www.facebook.com/security/advisories/cve-2019-3559 • CWE-755: Improper Handling of Exceptional Conditions CWE-834: Excessive Iteration •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

C++ Facebook Thrift servers (using cpp2) would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.02.18.00. Los servidores C ++ Facebook Thrift (usando cpp2) no darían error al recibir mensajes con títulares de campos de tipo desconocido. Como resultado, los clientes maliciosos podrían enviar mensajes cortos, lo que llevaría mucho tiempo para que el servidor los analice, que conllevaría a una Denegación de Servicio (DoS). • http://www.securityfocus.com/bid/108279 https://github.com/facebook/fbthrift/commit/c5d6e07588cd03061bc54d451a7fa6e84883d62b https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E • CWE-755: Improper Handling of Exceptional Conditions CWE-834: Excessive Iteration •

CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0

Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine if the SASL handshake had successfully completed could be disabled in production settings making the validation incomplete. La librería de cliente Java de Apache Thrift, desde la versión 0.5.0 hasta la 0.11.0, puede omitir la validación de la negociación de SASL "isComplete" en la clase org.apache.thrift.transport.TSaslTransport. Una aserción utilizada para determinar si el handshake SASL se ha completado de manera exitosa podría deshabilitarse en los ajustes de producción, prohibiendo que la validación se complete. • http://www.openwall.com/lists/oss-security/2019/07/24/3 http://www.securityfocus.com/bid/106551 https://access.redhat.com/errata/RHSA-2019:2413 https://lists.apache.org/thread.html/07c3cd5a2953a4b253eee4437b1397b1603d0f886437e19b657d2c54%40%3Ccommits.cassandra.apache.org%3E https://lists.apache.org/thread.html/187684ac8b94d55256253f5220cb55e8bd568afdf9a8a86e9bbb66c9%40%3Cdevnull.infra.apache.org%3E https://lists.apache.org/thread.html/3d3b6849fcf4cd1e87703b3dde0d57aabeb9ba0193dc0cf3c97f545d%40%3Ccommits.cassandra.apache.org%3E https://lists.apa • CWE-287: Improper Authentication CWE-295: Improper Certificate Validation •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

The Apache Thrift Node.js static web server in versions 0.9.2 through 0.11.0 have been determined to contain a security vulnerability in which a remote user has the ability to access files outside the set webservers docroot path. El servidor web estático Node.js de Apache Thrift, desde su versión 0.9.2 hasta la 0.11.0, contiene una vulnerabilidad de seguridad en la que un usuario remoto tiene la capacidad de acceder a archivos fuera de la ruta webservers docroot predeterminada. A flaw was found in the Node.js static web server in Apache Thrift, where it allowed a remote user to access files outside of the set web servers' docroot path. An attacker could use this flaw to possibly access unauthorized files and sensitive information. • https://github.com/ossf-cve-benchmark/CVE-2018-11798 http://www.securityfocus.com/bid/106501 https://access.redhat.com/errata/RHSA-2019:1545 https://access.redhat.com/errata/RHSA-2019:3140 https://lists.apache.org/thread.html/6e9edd282684896cedf615fb67a02bebfe6007f2d5baf03ba52e34fd%40%3Cuser.thrift.apache.org%3E https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html https://access.redhat.com/security/cve/CVE-2018-11798 https://bugzilla.redhat.com/show_bug.cgi?id=1667188 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0

The Apache Thrift Go client library exposed the potential during code generation for command injection due to using an external formatting tool. Affected Apache Thrift 0.9.3 and older, Fixed in Apache Thrift 0.10.0. La biblioteca del cliente Apache Thrift Go expuso su potencial para inyección de comandos durante la generación de código debido al uso de una herramienta de formateo externa. Las versiones 0.9.3 y anteriores de Apache Thrift se han visto afectadas; se ha solucionado en Apache Thrift 0.10.0. • http://mail-archives.apache.org/mod_mbox/thrift-user/201701.mbox/raw/%3CCANyrgvc3W%3DMJ9S-hMZecPNzxkyfgNmuSgVfW2hdDSz5ke%2BOPhQ%40mail.gmail.com%3E http://www.securityfocus.com/bid/103025 https://access.redhat.com/errata/RHSA-2018:2669 https://access.redhat.com/errata/RHSA-2019:3140 https://issues.apache.org/jira/browse/THRIFT-3893 https://lists.apache.org/thread.html/r4d3f1d3e333d9c2b2f6e6ae8ed8750d4de03410ac294bcd12c7eefa3%40%3Ccommits.cassandra.apache.org%3E https://access.redhat.com/security/cve/CVE-2016-5397 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •