EUVD-2022-5184

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Vulnerable Apache Thrift versions may face endless loops with specific input data impacting some bindings

Reporter	Title	Published	Views	Family All 95
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Apache Thrift	2 May 202322:53	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Integration Bus is vulnerable to a remote attack & denial of service due to Apache Thrift & Apache Commons Codec (CVE-2018-1320, CVE-2019-0205, IBM X-Force ID: 177835)	22 Mar 202317:49	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from systemd, libcap, openssl-libs, libxml2, go-toolset, and prometheus-operator	28 Aug 202308:17	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs	27 Apr 202310:23	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability of Apache Thrift (libthrift-0.12.0.jar ) have affected APM WebSphere Application Server Agent , APM SAP NetWeaver Agent and APM WebLogic Agent	14 Jul 202313:39	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities CVE-2019-12410, CVE-2019-12408 in arrow package	20 Dec 201908:47	–	ibm
IBM Security Bulletins	Security Bulletin: Netcool Operations Insight v1.6.7 contains fixes for multiple security vulnerabilities.	15 Dec 202209:13	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulenerabilities CVE-2019-0205, CVE-2019-0210 in thrift package	20 Dec 201908:47	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Spark affecting IBM QRadar User Behavior Analytics	18 Oct 202213:20	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities in Apache Thrift	20 Jun 202216:01	–	ibm

[
  {
    "enisaIdVendor": [
      {
        "id": "86b04482-5d0f-3f3c-9e77-83b5bdf200cc",
        "vendor": {
          "name": "Apache"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "724003b1-8bb5-3925-9360-5c59987914e9",
        "product": {
          "name": "Apache Thrift"
        },
        "product_version": "all versions up to and including 0.12.0"
      }
    ]
  }
]

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2019-0205
lists	www.lists.apache.org/thread.html/r4633082b834eebccd0d322697651d931ab10ca9c51ee7ef18e1f60f4@%3Cdev.thrift.apache.org%3E
lists	www.lists.apache.org/thread.html/r4d3f1d3e333d9c2b2f6e6ae8ed8750d4de03410ac294bcd12c7eefa3@%3Ccommits.cassandra.apache.org%3E
lists	www.lists.apache.org/thread.html/r50bf84c60867574238d18cdad5da9f303b618114c35566a3a001ae08@%3Cdev.hive.apache.org%3E
lists	www.lists.apache.org/thread.html/r53c03e1c979b9c628d0d65e0f49dd9a9f9d7572838727ad11b750575@%3Cuser.cassandra.apache.org%3E
lists	www.lists.apache.org/thread.html/r55609613abab203a1f2c1f3de050b63ae8f5c4a024df0d848d6915ff@%3Ccommits.pulsar.apache.org%3E
lists	www.lists.apache.org/thread.html/r569b2b3da41ff45bfacfca6787a4a8728edd556e185b69b140181d9d@%3Cdev.thrift.apache.org%3E
lists	www.lists.apache.org/thread.html/r573029c2f8632e3174b9eea7cd57f9c9df33f2f706450e23fc57750a@%3Ccommits.thrift.apache.org%3E
lists	www.lists.apache.org/thread.html/r67a704213d13326771f46c84bbd84c8281bb93946e155e0e40abcb4c@%3Ccommits.cassandra.apache.org%3E
lists	www.lists.apache.org/thread.html/r73a3c8b80765e3d2430ff51f22b778d0c917919f01815b69ed16cf9d@%3Cissues.hive.apache.org%3E

03 Oct 2025 20:07Current

6.8Medium risk

Vulners AI Score6.8

CVSS 3.17.5

CVSS 27.8

EPSS0.00718