DEBIAN-CVE-2016-5397
- Source
- https://security-tracker.debian.org/tracker/CVE-2016-5397
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2016-5397.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2016-5397
- Upstream
- Published
- 2018-02-12T17:29:00.213Z
- Modified
- 2025-11-19T01:06:21.517128Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The Apache Thrift Go client library exposed the potential during code generation for command injection due to using an external formatting tool. Affected Apache Thrift 0.9.3 and older, Fixed in Apache Thrift 0.10.0.
- References
Affected packages
Debian:11 / thrift
Package
- Name
- thrift
- Purl
- pkg:deb/debian/thrift?arch=source
Debian:12 / thrift
Package
- Name
- thrift
- Purl
- pkg:deb/debian/thrift?arch=source
Debian:13 / thrift
Package
- Name
- thrift
- Purl
- pkg:deb/debian/thrift?arch=source
Debian:14 / thrift
Package
- Name
- thrift
- Purl
- pkg:deb/debian/thrift?arch=source