Import Source
https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-49728.json
JSON Data
https://api.osv.dev/v1/vulns/AZL-49728
Upstream
  • CVE-2024-45773
Published
2024-09-27T14:15:04Z
Modified
2026-04-21T04:29:59.911904Z
Summary
CVE-2024-45773 affecting package thrift for versions less than 0.15.0-5
Details

A use-after-free vulnerability involving upgradeToRocket requests can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2024.09.09.00.

References

Affected packages

Azure Linux:3 / thrift

Package

Name
thrift
Purl
pkg:rpm/azure-linux/thrift

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.15.0-5

Database specific

source
"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-49728.json"