MGASA-2021-0578

Source
https://advisories.mageia.org/MGASA-2021-0578.html
Import Source
https://advisories.mageia.org/MGASA-2021-0578.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2021-0578
Related
Published
2021-12-23T21:01:45Z
Modified
2021-12-23T20:19:50Z
Summary
Updated thrift/golang-github-apache-thrift packages fix security vulnerability
Details

Malicious RPC clients could send short messages which would result in a large memory allocation, potentially leading to denial of service.

References
Credits

Affected packages

Mageia:8 / thrift

Package

Name
thrift
Purl
pkg:rpm/mageia/thrift?distro=mageia-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.14.0-1.mga8

Ecosystem specific

{
    "section": "core"
}

Mageia:8 / golang-github-apache-thrift

Package

Name
golang-github-apache-thrift
Purl
pkg:rpm/mageia/golang-github-apache-thrift?distro=mageia-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.14.0-1.mga8

Ecosystem specific

{
    "section": "core"
}