Описание
The client libraries in Apache Thrift before 0.9.3 might allow remote authenticated users to cause a denial of service (infinite recursion) via vectors involving the skip function.
A vulnerability was discovered in Apache Thrift client libraries that allows remote, authenticated attackers to cause an infinite recursion via vectors involving the skip function; resulting in a denial of service (DoS) condition.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat JBoss Fuse Service Works 6 | thrift | Will not fix | ||
| Red Hat JBoss Operations Network 3 | libthrift | Out of support scope | ||
| Red Hat OpenShift Enterprise 2 | libthrift | Will not fix | ||
| Red Hat OpenShift Enterprise 3 | libthrift | Not affected | ||
| Red Hat JBoss A-MQ 6.3 | camel | Fixed | RHSA-2017:3115 | 02.11.2017 |
| Red Hat JBoss Data Virtualization 6.3 | libthrift | Fixed | RHSA-2017:2477 | 15.08.2017 |
| Red Hat JBoss Fuse 6.3 | camel | Fixed | RHSA-2017:3115 | 02.11.2017 |
Показывать по
Дополнительная информация
Статус:
6.5 Medium
CVSS3
Связанные уязвимости
The client libraries in Apache Thrift before 0.9.3 might allow remote authenticated users to cause a denial of service (infinite recursion) via vectors involving the skip function.
The client libraries in Apache Thrift before 0.9.3 might allow remote authenticated users to cause a denial of service (infinite recursion) via vectors involving the skip function.
The client libraries in Apache Thrift before 0.9.3 might allow remote ...
The client libraries in Apache Thrift before 0.9.3 might allow remote authenticated users to cause a denial of service (infinite recursion) via vectors involving the skip function.
6.5 Medium
CVSS3