CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0CVE-2020-13949 – libthrift: potential DoS when processing untrusted payloads
https://notcve.org/view.php?id=CVE-2020-13949
12 Feb 2021 — In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. En Apache Thrift versiones 0.9.3 hasta 0.13.0, los clientes RPC maliciosos podrían enviar mensajes cortos que resultarían en una gran asignación de memoria, conllevando potencialmente a una denegación de servicio A flaw was found in libthrift. Applications using Thrift would not show an error upon receiving messages declaring containers ... • https://lists.apache.org/thread.html/r01b34416677f1ba869525e1b891ac66fa6f88c024ee4d7cdea6b456b%40%3Cissues.hbase.apache.org%3E • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2019-0205 – thrift: Endless loop when feed with specific input data
https://notcve.org/view.php?id=CVE-2019-0205
28 Oct 2019 — In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings. En Apache Thrift, todas las versiones hasta 0.12.0 incluyéndola, un servidor o cliente pueden correr en un bucle sin fin cuando es alimentado con datos de entrada específicos. Debido a que el problema ya se había soluciona... • http://mail-archives.apache.org/mod_mbox/thrift-dev/201910.mbox/%3CVI1PR0101MB2142E0EA19F582429C3AEBCBB1920%40VI1PR0101MB2142.eurprd01.prod.exchangelabs.com%3E • CWE-400: Uncontrolled Resource Consumption CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-0210 – thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol
https://notcve.org/view.php?id=CVE-2019-0210
28 Oct 2019 — In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data. En Apache Thrift versiones 0.9.3 hasta 0.12.0, un servidor implementado en Go usando TJSONProtocol o TSimpleJSONProtocol puede entrar en pánico cuando es alimentado con datos de entrada no válidos. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterpris... • http://mail-archives.apache.org/mod_mbox/thrift-dev/201910.mbox/%3C277A46CA87494176B1BBCF5D72624A2A%40HAGGIS%3E • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-11798 – thrift: Improper Access Control grants access to files outside the webservers docroot path
https://notcve.org/view.php?id=CVE-2018-11798
07 Jan 2019 — The Apache Thrift Node.js static web server in versions 0.9.2 through 0.11.0 have been determined to contain a security vulnerability in which a remote user has the ability to access files outside the set webservers docroot path. El servidor web estático Node.js de Apache Thrift, desde su versión 0.9.2 hasta la 0.11.0, contiene una vulnerabilidad de seguridad en la que un usuario remoto tiene la capacidad de acceder a archivos fuera de la ruta webservers docroot predeterminada. A flaw was found in the Node.... • https://github.com/ossf-cve-benchmark/CVE-2018-11798 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2018-1320 – thrift: SASL negotiation isComplete validation bypass in the org.apache.thrift.transport.TSaslTransport class
https://notcve.org/view.php?id=CVE-2018-1320
07 Jan 2019 — Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine if the SASL handshake had successfully completed could be disabled in production settings making the validation incomplete. La librería de cliente Java de Apache Thrift, desde la versión 0.5.0 hasta la 0.11.0, puede omitir la validación de la negociación de SASL "isComplete" en la clase org.apache.thrift.transpo... • http://www.openwall.com/lists/oss-security/2019/07/24/3 • CWE-287: Improper Authentication CWE-295: Improper Certificate Validation •
CVSS: 9.0EPSS: 18%CPEs: 1EXPL: 0CVE-2016-5397 – thrift: Improper file path sanitization in t_go_generator.cc:format_go_output() of the go client library can allow an attacker to inject commands
https://notcve.org/view.php?id=CVE-2016-5397
12 Feb 2018 — The Apache Thrift Go client library exposed the potential during code generation for command injection due to using an external formatting tool. Affected Apache Thrift 0.9.3 and older, Fixed in Apache Thrift 0.10.0. La biblioteca del cliente Apache Thrift Go expuso su potencial para inyección de comandos durante la generación de código debido al uso de una herramienta de formateo externa. Las versiones 0.9.3 y anteriores de Apache Thrift se han visto afectadas; se ha solucionado en Apache Thrift 0.10.0. Red... • http://mail-archives.apache.org/mod_mbox/thrift-user/201701.mbox/raw/%3CCANyrgvc3W%3DMJ9S-hMZecPNzxkyfgNmuSgVfW2hdDSz5ke%2BOPhQ%40mail.gmail.com%3E • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.5EPSS: 2%CPEs: 1EXPL: 0CVE-2015-3254 – thrift: Infinite recursion via vectors involving the skip function
https://notcve.org/view.php?id=CVE-2015-3254
16 Jun 2017 — The client libraries in Apache Thrift before 0.9.3 might allow remote authenticated users to cause a denial of service (infinite recursion) via vectors involving the skip function. Las bibliotecas cliente de Apache Thrift anteriores a la versión 0.9.3 podrían permitir que los usuarios remotos autenticados causen una denegación de servicio (recursión infinita) a través de vectores que implican la función skip. A vulnerability was discovered in Apache Thrift client libraries that allows remote, authenticated ... • http://grokbase.com/t/thrift/user/15c2tss3td/notice-apache-thrift-security-vulnerability-cve-2015-1774 • CWE-20: Improper Input Validation CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •