Integer Overflow or Wraparound vulnerability in Apache Thrift TFramedTransport Go language implementation This issue affects Apache Thrift: before…
An integer overflow or wraparound vulnerability exists in the Apache Thrift TFramedTransport Go language implementation, allowing remote attackers to exploit the issue. This can lead to arbitrary code execution or a denial-of-service condition. The vulnerability is exploitable over the network.
Integer Overflow or Wraparound vulnerability in Apache Thrift TFramedTransport Go language implementation This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.
Developers using Apache Thrift TFramedTransport Go language implementation are at high risk of arbitrary code execution or a denial-of-service condition and should upgrade to version 0.23.0 or later to mitigate the vulnerability.
Remediation Recommended
This vulnerability carries significant risk. Schedule patching in your next cycle.
What should I do?
No Fix Known
No patch has been released yet. Apply workarounds or mitigations where available.
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
Affected Products
2
References
apache / thrift
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability
Impact