VYPR

npm package

thrift

pkg:npm/thrift

Vulnerabilities (2)

  • CVE-2026-43870HigMay 5, 2026
    affected <= 0.22.0

    Origin Validation Error, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting'), Uncontrolled Resource Consumption vulnerability in Apache Thrift. This issue af

  • CVE-2026-41636HigApr 28, 2026
    affected < 0.23.0fixed 0.23.0

    Uncontrolled Recursion vulnerability in Apache Thrift Node.js bindings This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.