CVE-2019-0205Apache Thrift 安全漏洞 发布时间:2019-10-29类型:CANstatus:Candidatephase:Assigned 漏洞描述Apache Thrift是美国阿帕奇(Apache)基金会的一个用于跨平台开发的框架。
Apache Thrift 0.12.0及之前版本中存在安全漏洞。攻击者可利用该漏洞造成服务器或客户端无限循环。
In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings. |
请发表评论