CVE-2020-13949
maven/org.apache.thrift/libthrift
Uncontrolled Resource Consumption
In Apache Thrift, malicious RPC clients could send short messages which would result in a large memory allocation, potentially leading to denial of service.
All versions starting from 0.9.3 up to 0.13.0
Upgrade to version 0.14.0 or above.
2021-03-11
source |