apk package
chainguard/py3-supported-thrift
pkg:apk/chainguard/py3-supported-thrift
Vulnerabilities (9)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-24028 | — | < 0 | 0 | Apr 13, 2021 | An invalid free in Thrift's table-based serialization can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2021.02.22.00. | ||
| CVE-2019-11939 | — | < 0 | 0 | Mar 18, 2020 | Golang Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This i | ||
| CVE-2019-3553 | — | < 0 | 0 | Mar 10, 2020 | C++ Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This issu | ||
| CVE-2019-11938 | — | < 0 | 0 | Mar 10, 2020 | Java Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This iss | ||
| CVE-2019-3565 | — | < 0 | 0 | May 6, 2019 | Legacy C++ Facebook Thrift servers (using cpp instead of cpp2) would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to | ||
| CVE-2019-3564 | — | < 0 | 0 | May 6, 2019 | Go Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affect | ||
| CVE-2019-3559 | — | < 0 | 0 | May 6, 2019 | Java Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affe | ||
| CVE-2019-3558 | — | < 0 | 0 | May 6, 2019 | Python Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue af | ||
| CVE-2019-3552 | — | < 0 | 0 | May 6, 2019 | C++ Facebook Thrift servers (using cpp2) would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. Thi |
- CVE-2021-24028Apr 13, 2021affected < 0fixed 0
An invalid free in Thrift's table-based serialization can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2021.02.22.00.
- CVE-2019-11939Mar 18, 2020affected < 0fixed 0
Golang Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This i
- CVE-2019-3553Mar 10, 2020affected < 0fixed 0
C++ Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This issu
- CVE-2019-11938Mar 10, 2020affected < 0fixed 0
Java Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This iss
- CVE-2019-3565May 6, 2019affected < 0fixed 0
Legacy C++ Facebook Thrift servers (using cpp instead of cpp2) would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to
- CVE-2019-3564May 6, 2019affected < 0fixed 0
Go Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affect
- CVE-2019-3559May 6, 2019affected < 0fixed 0
Java Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affe
- CVE-2019-3558May 6, 2019affected < 0fixed 0
Python Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue af
- CVE-2019-3552May 6, 2019affected < 0fixed 0
C++ Facebook Thrift servers (using cpp2) would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. Thi