VYPR

rpm package

opensuse/thrift&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/thrift&distro=openSUSE%20Tumbleweed

Vulnerabilities (7)

  • CVE-2026-41636HigApr 28, 2026
    affected < 0.23.0-1.1fixed 0.23.0-1.1

    Uncontrolled Recursion vulnerability in Apache Thrift Node.js bindings This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.

  • CVE-2026-41607MedApr 28, 2026
    affected < 0.23.0-1.1fixed 0.23.0-1.1

    Out-of-bounds Read vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.

  • CVE-2026-41606MedApr 28, 2026
    affected < 0.23.0-1.1fixed 0.23.0-1.1

    Uncontrolled Recursion vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.

  • CVE-2026-41605HigApr 28, 2026
    affected < 0.23.0-1.1fixed 0.23.0-1.1

    Integer Overflow or Wraparound vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.

  • CVE-2026-41604HigApr 28, 2026
    affected < 0.23.0-1.1fixed 0.23.0-1.1

    Out-of-bounds Read vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.

  • CVE-2026-41602HigApr 28, 2026
    affected < 0.23.0-1.1fixed 0.23.0-1.1

    Integer Overflow or Wraparound vulnerability in Apache Thrift TFramedTransport Go language implementation This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.

  • CVE-2020-13949Feb 12, 2021
    affected < 0.14.1-1.6fixed 0.14.1-1.6

    In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large memory allocation, potentially leading to denial of service.