CVE-2019-0210

Summary

In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data.

Affected Software

VendorProductVersion RangeStatus
ApacheApache Thrift0.9.3 to 0.12.0affected

Weaknesses

  • Out-of-bounds read vulnerability

ADP Enrichment

CVE Program Container

Additional References

References