CVE-2021-24028

Release of Invalid Pointer or Reference in go/github.com/facebook/fbthrift/thrift/lib/go/thrift

Identifier

CVE-2021-24028

Package Slug

go/github.com/facebook/fbthrift/thrift/lib/go/thrift

Vulnerability

Release of Invalid Pointer or Reference

Description

An invalid free in Thrift's table-based serialization can cause the application to crash or potentially result in code execution or other undesirable effects.

Affected Versions

All versions before 2021.02.22.00

Solution

Upgrade to version 2021.02.22.00 or above.

Last Modified

2021-04-23

source