7 matches found
CVE-2026-43870
Origin Validation Error, Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal', Improper Neutralization of CRLF Sequences in HTTP Headers 'HTTP Request/Response Splitting', Uncontrolled Resource Consumption vulnerability in Apache Thrift. This issue affects Apache Thrift:...
PT-2026-36985
Name of the Vulnerable Software and Affected Versions Apache Thrift versions prior to 0.23.0 Description Improper validation of certificates with host mismatch occurs in Apache Thrift. Recommendations Upgrade to version 0.23.0...
CVE-2026-41607
CVE-2026-41607 : The connected documents confirm an out-of-bounds read vulnerability in Apache Thrift, affecting Thrift versions before 0.23.0. The mitigation is to upgrade to 0.23.0 or later, as specified in multiple sources. The vulnerability affects the Thrift implementation and is described c...
CVE-2026-41603
Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...
CVE-2026-41603
Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...
CVE-2025-68700
RAGFlow is an open-source RAG Retrieval-Augmented Generation engine. In versions prior to 0.23.0, a low-privileged authenticated user normal login account can execute arbitrary system commands on the server host process via the frontend Canvas CodeExec component, completely bypassing sandbox...
cpp-httplib 安全漏洞
cpp-httplib is an HTTP/HTTPS server and client library written in C++ by the individual developer yhirose. A security vulnerability exists in cpp-httplib versions prior to 0.23.0, which stems from a Transfer-Encoding: chunked header that could cause the server to run out of memory...