CVE-2019-0205

Опубликовано: 29 окт. 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 7.8

EPSS Низкий

Описание

In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:apache:thrift:*:*:*:*:*:*:*:*

Версия до 0.12.0 (включая)

Конфигурация 2

Одновременно

cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:8.0:*:*:*:*:*:*:*

Конфигурация 3

cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:*:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00698

Низкий

7.5 High

CVSS3

7.8 High

CVSS2

Дефекты

CWE-835

Связанные уязвимости

CVE-2019-0205

CVSS3: 7.5

ubuntu

больше 6 лет назад

CVE-2019-0205

CVSS3: 5.9

redhat

больше 6 лет назад

CVE-2019-0205

CVSS3: 7.5

msrc

больше 1 года назад

In Apache Thrift all versions up to and including 0.12.0 a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0 depending on the installed version it affects only certain language bindings.

CVE-2019-0205

CVSS3: 7.5

debian

больше 6 лет назад

In Apache Thrift all versions up to and including 0.12.0, a server or ...

GHSA-rj7p-rfgp-852x

CVSS3: 7.5

github

больше 3 лет назад

Loop with Unreachable Exit Condition in Apache Thrift

EPSS

Процентиль: 72%

0.00698

Низкий

7.5 High

CVSS3

7.8 High

CVSS2

Дефекты

CWE-835