10 matches found
Apache Thrift 路径遍历漏洞
Apache Thrift is a framework for cross-platform development developed by the Apache Foundation in the United States. Versions of Apache Thrift prior to 0.23.0 contained a path traversal vulnerability. This vulnerability was caused by source validation errors, path traversal, improper handling of...
BIT-THRIFT-2026-41607 Apache Thrift: C++ JSON OOB read
Out-of-bounds Read vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...
CVE-2026-41605
Integer Overflow or Wraparound vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...
CVE-2026-41606
Uncontrolled Recursion vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...
Apache Thrift 缓冲区错误漏洞
Apache Thrift is a framework for cross-platform development developed by the Apache Foundation in the United States. Versions of Apache Thrift prior to 0.23.0 contained a buffer error vulnerability, which was caused by an out-of-bounds read issue...
Apache Thrift 安全漏洞
Apache Thrift is a framework for cross-platform development developed by the Apache Foundation in the United States. Versions of Apache Thrift prior to 0.23.0 contained a security vulnerability caused by uncontrolled recursion...
Linux Distros Unpatched Vulnerability : CVE-2026-32116
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Magic Wormhole makes it possible to get arbitrary-sized files and directories from one computer to another. From 0.21.0 to before 0.23.0, receiving a file...
DEBIAN-CVE-2025-53629
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.23.0, incoming requests using Transfer-Encoding: chunked in the header can allocate memory arbitrarily in the server, potentially leading to its exhaustion. This vulnerability is fixed in 0.23.0. NOTE: Th...
Double free
An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated because sessions.rs has a use-after-free...
Rust Formatting String Error Vulnerability
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust rusqlite crate before 0.23.0, which stems from rusqlite::trace::log incorrectly handling format strings, and thus may violate memory safety...