Apache Thrift 安全漏洞

admin
admin
admin
0
文章
0
评论
2024-01-13 21:43:23 YS 来源:ZONE.CI 全球网 0 阅读模式
> Apache Thrift 安全漏洞

Apache Thrift 安全漏洞

CNNVD-ID编号 CNNVD-201910-1681 CVE编号 CVE-2019-0205
发布时间 2019-10-29 更新时间 2021-01-27
漏洞类型 其他 漏洞来源 N/A
危险等级 高危 威胁类型 远程
厂商 N/A

漏洞介绍

Apache Thrift是美国阿帕奇(Apache)基金会的一个用于跨平台开发的框架。

Apache Thrift 0.12.0及之前版本中存在安全漏洞。攻击者可利用该漏洞造成服务器或客户端无限循环。

漏洞补丁

目前厂商已发布升级了Apache Thrift 安全漏洞的补丁,Apache Thrift 安全漏洞的补丁获取链接:

http://mail-archives.apache.org/mod_mbox/thrift-dev/201910.mbox/

参考网址

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2020:0806

来源:MLIST

链接:https://lists.apache.org/thread.html/r55609613abab203a1f2c1f3de050b63ae8f5c4a024df0d848d6915ff@%3Ccommits.pulsar.apache.org%3E

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2020:0805

来源:MLIST

链接:https://lists.apache.org/thread.html/r2832722c31d78bef7526e2c701ba4b046736e4c851473194a247392f@%3Ccommits.pulsar.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/928cae83d20d8d8196c26118f7084aa37573e1d31162381fb9454fb5@%3Cdev.thrift.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/r73a3c8b80765e3d2430ff51f22b778d0c917919f01815b69ed16cf9d@%3Cissues.hive.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/r50bf84c60867574238d18cdad5da9f303b618114c35566a3a001ae08@%3Cdev.hive.apache.org%3E

来源:mail-archives.apache.org

链接:http://mail-archives.apache.org/mod_mbox/thrift-dev/201910.mbox/%3CVI1PR0101MB2142E0EA19F582429C3AEBCBB1920%40VI1PR0101MB2142.eurprd01.prod.exchangelabs.com%3E

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2020:0804

来源:MLIST

链接:https://lists.apache.org/thread.html/r137753c9df8dd9065bea27a26af49aadc406b5a57fc584fefa008afd@%3Cdev.thrift.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/rce0d368a78b42c545f26c2e6e91e2b8a91b27b60d0cb45fe1911d337@%3Cnotifications.thrift.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/r228ac842260c2c516af7b09f3cf4cf76e5b9c002e359954a203ab5a5@%3Cdev.thrift.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/a9669756befaeb0f8e08766d3f4d410a0fce85da3a570506f71f0b67@%3Cdev.thrift.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/1193444c17f499f92cd198d464a2c1ffc92182c83487345a854914b3@%3Cuser.thrift.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/9f7150d0b02e72d1154721a412e80cf797f1b7cfa295fcefc67b1381@%3Ccommits.cassandra.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/r0d08f5576286f4a042aabde13ecf58979644f6dc210f25aa9a4d469b@%3Cdev.thrift.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/r4d3f1d3e333d9c2b2f6e6ae8ed8750d4de03410ac294bcd12c7eefa3@%3Ccommits.cassandra.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/r4633082b834eebccd0d322697651d931ab10ca9c51ee7ef18e1f60f4@%3Cdev.thrift.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/3dfa054b89274c9109c26ed1843ca15a14c03786f4016d26773878ae@%3Cdev.thrift.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/r573029c2f8632e3174b9eea7cd57f9c9df33f2f706450e23fc57750a@%3Ccommits.thrift.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/rf359e5cc6a185494fc0cfe837fe82f7db2ef49242d35cbf3895aebce@%3Cdev.thrift.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/rba61c1f3a3b1960a6a694775b1a437751eba0825f30188f69387fe90@%3Cdev.thrift.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/rab740e5c70424ef79fd095a4b076e752109aeee41c4256c2e5e5e142@%3Ccommits.pulsar.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/0d058e1bfd11727c4f2e2adf4b6e403a47c38e22431ab20066a1ac79@%3Cdev.thrift.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/r1b1a92c229ead94d53b3bcde9e624d002b54f1c6fdb830b9f4da20e1@%3Cdev.thrift.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/07bd68ad237a5d513751d6d2731a8828f902c738ea57d85c1a72bad3@%3Cdev.thrift.apache.org%3E

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2020:0811

来源:MLIST

链接:https://lists.apache.org/thread.html/1c18ec6ebfea0a9211992be952e8b33d0fda202c077979b84a5e09a8@%3Cuser.thrift.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/003ac686189e6ce7b99267784d04bf60059a8c323eeda5a79a0309b8@%3Ccommits.cassandra.apache.org%3E

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.1882/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/157741/Red-Hat-Security-Advisory-2020-2067-01.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.2050/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/156701/Red-Hat-Security-Advisory-2020-0804-01.html

来源:vigilance.fr

链接:https://vigilance.fr/vulnerability/Red-Hat-JBoss-Enterprise-Application-Platform-three-vulnerabilities-31779

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-cognos-analytics-has-addressed-multiple-vulnerabilities/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.0915/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/160562/Red-Hat-Security-Advisory-2020-5568-01.html

来源:www.nsfocus.net

链接:http://www.nsfocus.net/vulndb/48706

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/158048/Red-Hat-Security-Advisory-2020-2512-01.html

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/156885/Red-Hat-Security-Advisory-2020-0962-01.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.2042/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.4464/

来源:nvd.nist.gov

链接:https://nvd.nist.gov/vuln/detail/CVE-2019-0205

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/157859/Red-Hat-Security-Advisory-2020-2333-01.html

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-resilient-soar-is-using-components-with-known-vulnerabilities-apache-thrift-cve-2019-0205/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.1858/

来源:www.ibm.com

链接:https://www.ibm.com/support/pages/node/1120701

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.1052/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.1024/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.1766/

受影响实体

暂无

信息来源

http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201910-1681

weinxin
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
ZONE.CI 全球网 | 安全领域涉猎者-乌云独行地带
ZONE.CI 全球网
安全领域涉猎者-乌云独行地带
ZONE.CI 全球网 | 安全领域涉猎者-乌云独行地带
安全领域涉猎者-乌云独行地带
ZONE.CI 全球网
评论:0   参与:  0