You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
mend-for-github-combot
changed the title
CVE-2019-0210 (High) detected in github.com/apache/thrift/lib/go/thrift-0.11.0, grafana-v5.0.0-beta1
CVE-2019-0210 (High) detected in github.com/apache/thrift/lib/go/thrift-0.11.0, grafanav5.0.0-beta1
Apr 21, 2021
CVE-2019-0210 - High Severity Vulnerability
Vulnerable Libraries - github.com/apache/thrift/lib/go/thrift-0.11.0, grafanav5.0.0-beta1
github.com/apache/thrift/lib/go/thrift-0.11.0
Apache Thrift
Dependency Hierarchy:
Vulnerability Details
In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data.
Publish Date: 2019-10-29
URL: CVE-2019-0210
CVSS 3 Score Details (7.5)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Origin: http://mail-archives.apache.org/mod_mbox/thrift-dev/201910.mbox/%3C277A46CA87494176B1BBCF5D72624A2A%40HAGGIS%3E
Release Date: 2019-10-29
Fix Resolution: 0.13.0
The text was updated successfully, but these errors were encountered: