{"containers": {"cna": {"affected": [{"product": "Apache Thrift", "vendor": "n/a", "versions": [{"status": "affected", "version": "Apache Thrift 0.9.3 to 0.13.0"}]}], "descriptions": [{"lang": "en", "value": "In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large memory allocation, potentially leading to denial of service."}], "problemTypes": [{"descriptions": [{"description": "Potential DoS when processing untrusted Thrift payloads", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-02-07T14:40:25", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://lists.apache.org/thread.html/r43dc2b2e928e9d845b07ac075634cb759d91bb852421dc282f87a74a%40%3Cdev.thrift.apache.org%3E"}, {"name": "[hbase-issues] 20210215 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r143ca388b0c83fe659db14be76889d50b453b0ee06f423181f736933%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210215 [GitHub] [hbase] pankaj72981 opened a new pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r3a1291a7ab8ee43db87cb0253371489810877028fc6e7c68dc640926%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210215 [jira] [Work started] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r27b7d3d95ffa8498899ef1c9de553d469f8fe857640a3f6e58dba640%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210215 [GitHub] [hbase] pankaj72981 commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r515e01a30443cfa2dbb355c44c63149869afd684fb7b0344c58fa67b%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210215 [GitHub] [hbase] pankaj72981 edited a comment on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r93f23f74315e009f4fb68ef7fc794dceee42cf87fe6613814dcd8c70%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210215 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rd78cdd87d84499a404202f015f55935db3658bd0983ecec81e6b18c6%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210215 [GitHub] [hbase] apurtell commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r3f3e1d562c528b4bafef2dde51f79dd444a4b68ef24920d68068b6f9%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210215 [GitHub] [hbase] apurtell edited a comment on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rd49d53b146d94a7d3a135f6b505589655ffec24ea470e345d31351bb%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210216 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r2d180180f37c2ab5cebd711d080d01d8452efa8ad43c5d9cd7064621%40%3Cissues.hbase.apache.org%3E"}, {"name": "[thrift-user] 20210217 Apache Thrift 0.14.0 Release not on Maven central", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r89fdd39965efb7c6d22bc21c286d203252cea476e1782724aca0748e%40%3Cuser.thrift.apache.org%3E"}, {"name": "[thrift-user] 20210224 Re: [SECURITY] CVE-2020-13949 Announcement", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rbc5cad06a46d23253a3c819229efedecfc05f89ef53f5fdde77a86d6%40%3Cuser.thrift.apache.org%3E"}, {"name": "[hbase-issues] 20210301 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r02f7771863383ae993eb83cdfb70c3cb65a355c913242c850f61f1b8%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210302 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r7ae909438ff5a2ffed9211e6ab0bd926396fd0b1fc33f31a406ee704%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210302 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rf603d25213cfff81d6727c259328846b366fd32a43107637527c9768%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210302 [jira] [Updated] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r6990c849aeafe65366794bfd002febd47b7ffa8cf3c059b400bbb11d%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210302 [GitHub] [hbase] Apache9 commented on a change in pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r298a25228868ebc0943d56c8f3641212a0962d2dbcf1507d5860038e%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210302 [GitHub] [hbase] pankaj72981 commented on a change in pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rf741d08c7e0ab1542c81ea718467422bd01159ed284796a36ad88311%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210303 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r278e96edc4bc13efb2cb1620a73e48f569162b833c6bda3e6ea18b80%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210308 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r421a9a76811c1aed7637b5fe5376ab14c09ccdd7b70d5211d6e76d1e%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210309 [GitHub] [hbase] pankaj72981 commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r1fb2d26b81c64ce96c4fd42b9e6842ff315b02c36518213b6c057350%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210310 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r286e9a13d3ab0550042997219101cb87871834b8d5ec293b0c60f009%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210310 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r117d5d2b08d505b69558a2a31b0a1cf8990cd0385060b147e70e76a9%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210311 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r2f6a547f226579f542eb08793631d1f2d47d7aed7e2f9d11a4e6af9f%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210311 [GitHub] [hbase] pankaj72981 opened a new pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r449288f6a941a2585262e0f4454fdefe169d5faee33314f6f89fab30%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210311 [GitHub] [hbase] pankaj72981 closed pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r3550b61639688e0efbc253c6c3e6358851c1f053109f1c149330b535%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210311 [GitHub] [hbase] pankaj72981 commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r01b34416677f1ba869525e1b891ac66fa6f88c024ee4d7cdea6b456b%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210311 [GitHub] [hbase] Apache-HBase commented on pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r890b8ec5203d70a59a6b1289420d46938d9029ed706aa724978789be%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210312 [GitHub] [hbase] pankaj72981 commented on pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r2ed66a3823990306b742b281af1834b9bc85f98259c870b8ffb13d93%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210312 [GitHub] [hbase] Apache-HBase commented on pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r587b4a5bcbc290269df0906bafba074f3fe4e50d4e959212f56fa7ea%40%3Cissues.hbase.apache.org%3E"}, {"name": "[thrift-user] 20210312 Thrift 0.13 micro for CVE-2020-13949?", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rcdf62ecd36e39e4ff9c61802eee4927ce9ecff1602eed1493977ef4c%40%3Cuser.thrift.apache.org%3E"}, {"name": "[thrift-user] 20210312 RE: Thrift 0.13 micro for CVE-2020-13949?", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r1504886a550426d3c05772c47b1a6350c3235e51fd1fdffbec43e974%40%3Cuser.thrift.apache.org%3E"}, {"name": "[hbase-issues] 20210315 [GitHub] [hbase] saintstack commented on pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rf65df763f630163a3f620887efec082080555cee1adb0b8eaf2c7ddb%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210315 [GitHub] [hbase] Apache-HBase commented on pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rdc8e0f92d06decaee5db58de4ded16d80016a7db2240a8db17225c49%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210316 [GitHub] [hbase] pankaj72981 commented on pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r191a9279e2863b68e5496ee4ecd8be0d4fe43b324b934f0d1f106e1d%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210316 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r0372f0af2dad0b76fbd7a6cfdaad29d50384ad48dda475a5026ff9a3%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210316 [GitHub] [hbase] pankaj72981 merged pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r850522c56c05aa06391546bdb530bb8fc3437f2b77d16e571ae73309%40%3Cissues.hbase.apache.org%3E"}, {"name": "[thrift-notifications] 20210317 [GitHub] [thrift] cyril867 commented on pull request #2208: THRIFT-5237 Implement MAX_MESSAGE_SIZE and consolidate limits into a TConfiguration class (c_glib)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r3f97dbbbb1b2a7324521208bb595392853714e141a37b8f68d395835%40%3Cnotifications.thrift.apache.org%3E"}, {"name": "[thrift-notifications] 20210317 [GitHub] [thrift] cyril867 edited a comment on pull request #2208: THRIFT-5237 Implement MAX_MESSAGE_SIZE and consolidate limits into a TConfiguration class (c_glib)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r3e31ec7e8c39db7553be4f4fd4d27cf27c41f1ba9c985995c4ea9c5a%40%3Cnotifications.thrift.apache.org%3E"}, {"name": "[hbase-issues] 20210317 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r02ba8db500d15a5949e9a7742815438002ba1cf1b361bdda52ed40ca%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210318 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r8dfbefcd606af6737b62461a45a9af9222040b62eab474ff2287cf75%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210319 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/ra7371efd8363c1cd0f5331aafd359a808cf7277472b8616d7b392128%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210319 [jira] [Comment Edited] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r668aed02e287c93403e0b8df16089011ee4a96afc8f479809f1fc07f%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210320 RE: [jira] [Work started] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rf568168e7f83871969928c0379813da6d034485f8b20fa73884816d6%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r18732bb1343894143d68db58fe4c8f56d9cd221b37f1378ed7373372%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] pankaj72981 opened a new pull request #3083: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rc896ce7761999b088f3adabcb99dde2102b6a66130b8eec6c8265eab%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] pankaj72981 opened a new pull request #3084: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.4)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rc7a79b08822337c68705f16ee7ddcfd352313b836e78a4b86c7a7e3d%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] Apache-HBase commented on pull request #3083: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r1456eab5f3768be69436d5b0a68b483eb316eb85eb3ef6eba156a302%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] Apache-HBase commented on pull request #3084: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.4)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r6c5b7324274fd361b038c5cc316e99344b7ae20beae7163214fac14d%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] pankaj72981 opened a new pull request #3085: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.3)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rae95c2234b6644bfd666b2671a1b42a09f38514d0f27cca3c7d5d55a%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] pankaj72981 opened a new pull request #3086: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.2)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/race178e9500ab8a5a6112667d27c48559150cadb60f2814bc67c40af%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] Apache-HBase commented on pull request #3085: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.3)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r3de0e0c26d4bd00dd28cab27fb44fba11d1c1d20275f7cce71393dd1%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] Apache-HBase commented on pull request #3086: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.2)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r7597683cc8b87a31ec864835225a543dad112d7841bf1f17bf7eb8db%40%3Cissues.hbase.apache.org%3E"}, {"name": "[druid-commits] 20210324 [GitHub] [druid] jihoonson opened a new issue #11028: Bump Thrift library version", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rfbb01bb85cdc2022f3b96bdc416dbfcb49a2855b3a340aa88b2e1de9%40%3Ccommits.druid.apache.org%3E"}, {"name": "[druid-commits] 20210324 [GitHub] [druid] jihoonson opened a new pull request #11030: Suppress cves", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1%40%3Ccommits.druid.apache.org%3E"}, {"name": "[hbase-issues] 20210325 [GitHub] [hbase] pankaj72981 merged pull request #3085: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.3)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rb44ec04e5a9b1f87fef97bb5f054010cbfaa3b8586472a3a38a16fca%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-commits] 20210324 [hbase] branch branch-2.2 updated: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (#3086)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r409e296c890753296c544a74d4de0d4a3ce719207a5878262fa2bd71%40%3Ccommits.hbase.apache.org%3E"}, {"name": "[hbase-commits] 20210324 [hbase] branch branch-2.4 updated: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (#3084)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rada9d2244a66ede0be29afc5d5f178a209f9988db56b9b845d955741%40%3Ccommits.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] pankaj72981 merged pull request #3084: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.4)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rb3574bc1036b577b265be510e6b208f0a5d5d84cd7198347dc8482df%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] pankaj72981 merged pull request #3086: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.2)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r699c031e6921b0ad0f943848e7ba1d0e88c953619d47908618998f76%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-commits] 20210325 [hbase] branch branch-2.3 updated: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (#3085)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r74eb88b422421c65514c23cb9c2b2216efb9254317ea1b6a264fe6dc%40%3Ccommits.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210325 [GitHub] [hbase] pankaj72981 commented on pull request #3085: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.3)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r1dea91f0562e0a960b45b1c5635b2a47b258b77171334276bcf260a7%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210325 [jira] [Updated] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r9b51e7c253cb0989b4c03ed9f4e5f0478e427473357209ccc4d08ebf%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210325 [GitHub] [hbase] Apache-HBase commented on pull request #3083: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rad635e16b300cf434280001ee6ecd2ed2c70987bf16eb862bfa86e02%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210325 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/ra3f7f06a1759c8e2985ed24ae2f5483393c744c1956d661adc873f2c%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-commits] 20210326 [hbase] branch branch-2 updated: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (#3083)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rd370fdb419652c5219409b315a6349b07a7e479bd3f151e9a5671774%40%3Ccommits.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210326 [jira] [Updated] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rc48ab5455bdece9a4afab53ca0f1e4f742d5baacb241323454a87b4e%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210326 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r4fa53eacca2ac38904f38dc226caebb3f2f668b2da887f2fd416f4a7%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210326 [GitHub] [hbase] pankaj72981 merged pull request #3083: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r08a7bd19470ef8950d58cc9d9e7b02bc69c43f56c601989a7729cce5%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210326 [GitHub] [hbase] pankaj72981 commented on pull request #3083: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rdcf00186c34d69826d9c6b1f010136c98b00a586136de0061f7d267e%40%3Cissues.hbase.apache.org%3E"}, {"name": "[solr-issues] 20210407 [jira] [Created] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/ra9f7c755790313e1adb95d29794043fb102029e803daf4212ae18063%40%3Cissues.solr.apache.org%3E"}, {"name": "[hbase-issues] 20210415 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r13f40151513ff095a44a86556c65597a7e55c00f5e19764a05530266%40%3Cissues.hbase.apache.org%3E"}, {"name": "[solr-issues] 20210420 [jira] [Commented] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r886b6d9a89b6fa0aafbf0a8f8f14351548d6c6f027886a3646dbd075%40%3Cissues.solr.apache.org%3E"}, {"name": "[solr-issues] 20210507 [jira] [Updated] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rb91c32194eb5006f0b0c8bcdbd512c13495a1b277d4d51d45687f036%40%3Cissues.solr.apache.org%3E"}, {"name": "[hive-dev] 20210510 [jira] [Created] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.0 due", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rcace846f74ea9e2af2f7c30cef0796724aa74089f109c8029b850163%40%3Cdev.hive.apache.org%3E"}, {"name": "[hive-issues] 20210510 [jira] [Updated] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.0", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r635133a74fa07ef3331cae49a9a088365922266edd58099a6162a5d3%40%3Cissues.hive.apache.org%3E"}, {"name": "[hive-issues] 20210510 [jira] [Assigned] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.0 due", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r15eed5d21e16a5cce810c1e096ffcffc36cd08c2f78ce2f9b24b4a6a%40%3Cissues.hive.apache.org%3E"}, {"name": "[druid-commits] 20210513 [GitHub] [druid] clintropolis opened a new pull request #11250: suppress CVE-2020-13949 again for a time", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rbfbb81e7fb5d5009caf25798f02f42a7bd064a316097303ba2f9ed76%40%3Ccommits.druid.apache.org%3E"}, {"name": "[druid-commits] 20210513 [GitHub] [druid] clintropolis merged pull request #11251: [Backport] suppress CVE-2020-13949 again for a time", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r8897a41f50d4eb19b268bde99328e943ba586f77779efa6de720c39f%40%3Ccommits.druid.apache.org%3E"}, {"name": "[druid-commits] 20210513 [GitHub] [druid] clintropolis commented on pull request #11251: [Backport] suppress CVE-2020-13949 again for a time", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rc7a241e0af086b226ff9ccabc4a243d206f0f887037994bfd8fcaaeb%40%3Ccommits.druid.apache.org%3E"}, {"name": "[druid-commits] 20210513 [GitHub] [druid] clintropolis merged pull request #11250: suppress CVE-2020-13949 again for a time", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/raea1bb8cf2eb39c5e10543f547bdbbdbb563c2ac6377652f161d4e37%40%3Ccommits.druid.apache.org%3E"}, {"name": "[druid-commits] 20210513 [GitHub] [druid] clintropolis opened a new pull request #11251: [Backport] suppress CVE-2020-13949 again for a time", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r179119bbfb5610499286a84c316f6789c5afbfa5340edec6eb28d027%40%3Ccommits.druid.apache.org%3E"}, {"name": "[hive-issues] 20210517 [jira] [Updated] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.1", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rb51977d392b01434b0b5df5c19b9ad5b6178cfea59e676c14f24c053%40%3Cissues.hive.apache.org%3E"}, {"name": "[hive-issues] 20210530 [jira] [Work started] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.1", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r741364444c3b238ab4a161f67f0d3a8f68acc517a39e6a93aa85d753%40%3Cissues.hive.apache.org%3E"}, {"name": "[hive-issues] 20210530 [jira] [Updated] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.1", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rcae4c66f67e701db44d742156dee1f3e5e4e07ad7ce10c740a76b669%40%3Cissues.hive.apache.org%3E"}, {"name": "[pulsar-commits] 20210607 [GitHub] [pulsar] lhotari commented on issue #9248: Upgrade Thrift dependency in broker to solve CVE-2019-0210, CVE-2019-0205 and CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r36581cc7047f007dd6aadbdd34e18545ec2c1eb7ccdae6dd47a877a9%40%3Ccommits.pulsar.apache.org%3E"}, {"name": "[hive-issues] 20210609 [jira] [Work logged] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.1", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r950ced188d62320fdb84d9e2c6ba896328194952eff7430c4f55e4b0%40%3Cissues.hive.apache.org%3E"}, {"name": "[hive-issues] 20210609 [jira] [Resolved] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.1", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r62aa6d07b23095d980f348d330ed766560f9a9e940fec051f534ce37%40%3Cissues.hive.apache.org%3E"}, {"name": "[hive-issues] 20210609 [jira] [Updated] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.1", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r12090c81b67d21a814de6cf54428934a5e5613fde222759bbb05e99b%40%3Cissues.hive.apache.org%3E"}, {"name": "[solr-issues] 20210623 [jira] [Updated] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r20f6f8f8cf07986dc5304baed3bf4d8a1c4cf135ff6fe3640be4d7ec%40%3Cissues.solr.apache.org%3E"}, {"name": "GLSA-202107-32", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/202107-32"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com//security-alerts/cpujul2021.html"}, {"name": "[solr-issues] 20210819 [GitHub] [solr] janhoy opened a new pull request #268: SOLR-15324 Upgrade Jaeger dependency from 1.1.0 to 1.6.0", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r869331422580d35b4e65bd74cf3090298c4651bf4f31bfb19ae769da%40%3Cissues.solr.apache.org%3E"}, {"name": "[solr-issues] 20210819 [jira] [Commented] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r90b4473950e26607ed77f3d70f120166f6a36a3f80888e4eeabcaf91%40%3Cissues.solr.apache.org%3E"}, {"name": "[solr-issues] 20210819 [jira] [Updated] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r4d90b6d8de9697beb38814596d3a0d4994fa9aba1f6731a2c648d3ae%40%3Cissues.solr.apache.org%3E"}, {"name": "[solr-issues] 20210819 [jira] [Assigned] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rd0734d91f16d5b050f0bcff78b4719300042a34fadf5e52d0edf898e%40%3Cissues.solr.apache.org%3E"}, {"name": "[camel-commits] 20210823 [GitHub] [camel] zhfeng opened a new pull request #5976: Upgrade thrift to 0.14.1 include the fix of CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r72c3d1582d50b2ca7dd1ee97e81c847a5cf3458be26d42653c39d7a6%40%3Ccommits.camel.apache.org%3E"}, {"name": "[camel-commits] 20210823 [GitHub] [camel] zhfeng commented on pull request #5976: Upgrade thrift to 0.14.1 include the fix of CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r533a172534ae67f6f17c4d33a1b814d3d5ada9ccd4eb442249f33fa2%40%3Ccommits.camel.apache.org%3E"}, {"name": "[camel-commits] 20210823 [GitHub] [camel] zhfeng merged pull request #5976: Upgrade thrift to 0.14.1 include the fix of CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rf75979ae0ffd526f3afa935a8f0ee13c82808ea8b2bc0325eb9dcd90%40%3Ccommits.camel.apache.org%3E"}, {"name": "[camel-commits] 20210823 [camel] branch main updated: CAMEL-16880: camel-thrift - Upgrade thrift to 0.14.1 include the fix of CVE-2020-13949 (#5976)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r17cca685ad53bc8300ee7fcfe874cb784a222343f217dd076e7dc1b6%40%3Ccommits.camel.apache.org%3E"}, {"name": "[camel-commits] 20210824 [GitHub] [camel] oscerd commented on pull request #5976: Upgrade thrift to 0.14.1 include the fix of CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r812915ecfa541ad2ca65c68a97b2c014dc87141dfaefc4de85049681%40%3Ccommits.camel.apache.org%3E"}, {"name": "[camel-commits] 20210824 [GitHub] [camel] zhfeng commented on pull request #5976: Upgrade thrift to 0.14.1 include the fix of CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r196409cc4df929d540a2e66169104f2b3b258d8bd96b5f083c59ee51%40%3Ccommits.camel.apache.org%3E"}, {"name": "[solr-issues] 20210825 [jira] [Commented] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r9ec75f690dd60fec8621ba992290962705d5b7f0d8fd0a42fab0ac9f%40%3Cissues.solr.apache.org%3E"}, {"name": "[solr-issues] 20210825 [jira] [Resolved] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r1084a911dff90b2733b442ee0f5929d19b168035d447f2d25f534fe4%40%3Cissues.solr.apache.org%3E"}, {"name": "[solr-issues] 20210825 [jira] [Updated] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r6ba4f0817f98bf7c1cb314301cb7a24ba11a0b3e7a5be8b0ae3190b0%40%3Cissues.solr.apache.org%3E"}, {"name": "[thrift-user] 20210927 Analysis and guidelines concerning CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r6ae3c68b0bfe430fb32f24236475276b6302bed625b23f53b68748b5%40%3Cuser.thrift.apache.org%3E"}, {"name": "[thrift-user] 20211004 Re: Analysis and guidelines concerning CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r995b945cc8f6ec976d8c52d42ba931a688b45fb32cbdde715b6a816a%40%3Cuser.thrift.apache.org%3E"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpujan2022.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@apache.org", "ID": "CVE-2020-13949", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Apache Thrift", "version": {"version_data": [{"version_value": "Apache Thrift 0.9.3 to 0.13.0"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large memory allocation, potentially leading to denial of service."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Potential DoS when processing untrusted Thrift payloads"}]}]}, "references": {"reference_data": [{"name": "https://lists.apache.org/thread.html/r43dc2b2e928e9d845b07ac075634cb759d91bb852421dc282f87a74a%40%3Cdev.thrift.apache.org%3E", "refsource": "MISC", "url": "https://lists.apache.org/thread.html/r43dc2b2e928e9d845b07ac075634cb759d91bb852421dc282f87a74a%40%3Cdev.thrift.apache.org%3E"}, {"name": "[hbase-issues] 20210215 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r143ca388b0c83fe659db14be76889d50b453b0ee06f423181f736933@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210215 [GitHub] [hbase] pankaj72981 opened a new pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r3a1291a7ab8ee43db87cb0253371489810877028fc6e7c68dc640926@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210215 [jira] [Work started] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r27b7d3d95ffa8498899ef1c9de553d469f8fe857640a3f6e58dba640@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210215 [GitHub] [hbase] pankaj72981 commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r515e01a30443cfa2dbb355c44c63149869afd684fb7b0344c58fa67b@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210215 [GitHub] [hbase] pankaj72981 edited a comment on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r93f23f74315e009f4fb68ef7fc794dceee42cf87fe6613814dcd8c70@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210215 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rd78cdd87d84499a404202f015f55935db3658bd0983ecec81e6b18c6@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210215 [GitHub] [hbase] apurtell commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r3f3e1d562c528b4bafef2dde51f79dd444a4b68ef24920d68068b6f9@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210215 [GitHub] [hbase] apurtell edited a comment on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rd49d53b146d94a7d3a135f6b505589655ffec24ea470e345d31351bb@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210216 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r2d180180f37c2ab5cebd711d080d01d8452efa8ad43c5d9cd7064621@%3Cissues.hbase.apache.org%3E"}, {"name": "[thrift-user] 20210217 Apache Thrift 0.14.0 Release not on Maven central", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r89fdd39965efb7c6d22bc21c286d203252cea476e1782724aca0748e@%3Cuser.thrift.apache.org%3E"}, {"name": "[thrift-user] 20210224 Re: [SECURITY] CVE-2020-13949 Announcement", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rbc5cad06a46d23253a3c819229efedecfc05f89ef53f5fdde77a86d6@%3Cuser.thrift.apache.org%3E"}, {"name": "[hbase-issues] 20210301 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r02f7771863383ae993eb83cdfb70c3cb65a355c913242c850f61f1b8@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210302 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r7ae909438ff5a2ffed9211e6ab0bd926396fd0b1fc33f31a406ee704@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210302 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf603d25213cfff81d6727c259328846b366fd32a43107637527c9768@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210302 [jira] [Updated] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r6990c849aeafe65366794bfd002febd47b7ffa8cf3c059b400bbb11d@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210302 [GitHub] [hbase] Apache9 commented on a change in pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r298a25228868ebc0943d56c8f3641212a0962d2dbcf1507d5860038e@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210302 [GitHub] [hbase] pankaj72981 commented on a change in pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf741d08c7e0ab1542c81ea718467422bd01159ed284796a36ad88311@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210303 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r278e96edc4bc13efb2cb1620a73e48f569162b833c6bda3e6ea18b80@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210308 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r421a9a76811c1aed7637b5fe5376ab14c09ccdd7b70d5211d6e76d1e@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210309 [GitHub] [hbase] pankaj72981 commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r1fb2d26b81c64ce96c4fd42b9e6842ff315b02c36518213b6c057350@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210310 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r286e9a13d3ab0550042997219101cb87871834b8d5ec293b0c60f009@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210310 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r117d5d2b08d505b69558a2a31b0a1cf8990cd0385060b147e70e76a9@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210311 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r2f6a547f226579f542eb08793631d1f2d47d7aed7e2f9d11a4e6af9f@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210311 [GitHub] [hbase] pankaj72981 opened a new pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r449288f6a941a2585262e0f4454fdefe169d5faee33314f6f89fab30@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210311 [GitHub] [hbase] pankaj72981 closed pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r3550b61639688e0efbc253c6c3e6358851c1f053109f1c149330b535@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210311 [GitHub] [hbase] pankaj72981 commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r01b34416677f1ba869525e1b891ac66fa6f88c024ee4d7cdea6b456b@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210311 [GitHub] [hbase] Apache-HBase commented on pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r890b8ec5203d70a59a6b1289420d46938d9029ed706aa724978789be@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210312 [GitHub] [hbase] pankaj72981 commented on pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r2ed66a3823990306b742b281af1834b9bc85f98259c870b8ffb13d93@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210312 [GitHub] [hbase] Apache-HBase commented on pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r587b4a5bcbc290269df0906bafba074f3fe4e50d4e959212f56fa7ea@%3Cissues.hbase.apache.org%3E"}, {"name": "[thrift-user] 20210312 Thrift 0.13 micro for CVE-2020-13949?", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rcdf62ecd36e39e4ff9c61802eee4927ce9ecff1602eed1493977ef4c@%3Cuser.thrift.apache.org%3E"}, {"name": "[thrift-user] 20210312 RE: Thrift 0.13 micro for CVE-2020-13949?", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r1504886a550426d3c05772c47b1a6350c3235e51fd1fdffbec43e974@%3Cuser.thrift.apache.org%3E"}, {"name": "[hbase-issues] 20210315 [GitHub] [hbase] saintstack commented on pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf65df763f630163a3f620887efec082080555cee1adb0b8eaf2c7ddb@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210315 [GitHub] [hbase] Apache-HBase commented on pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rdc8e0f92d06decaee5db58de4ded16d80016a7db2240a8db17225c49@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210316 [GitHub] [hbase] pankaj72981 commented on pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r191a9279e2863b68e5496ee4ecd8be0d4fe43b324b934f0d1f106e1d@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210316 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r0372f0af2dad0b76fbd7a6cfdaad29d50384ad48dda475a5026ff9a3@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210316 [GitHub] [hbase] pankaj72981 merged pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r850522c56c05aa06391546bdb530bb8fc3437f2b77d16e571ae73309@%3Cissues.hbase.apache.org%3E"}, {"name": "[thrift-notifications] 20210317 [GitHub] [thrift] cyril867 commented on pull request #2208: THRIFT-5237 Implement MAX_MESSAGE_SIZE and consolidate limits into a TConfiguration class (c_glib)", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r3f97dbbbb1b2a7324521208bb595392853714e141a37b8f68d395835@%3Cnotifications.thrift.apache.org%3E"}, {"name": "[thrift-notifications] 20210317 [GitHub] [thrift] cyril867 edited a comment on pull request #2208: THRIFT-5237 Implement MAX_MESSAGE_SIZE and consolidate limits into a TConfiguration class (c_glib)", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r3e31ec7e8c39db7553be4f4fd4d27cf27c41f1ba9c985995c4ea9c5a@%3Cnotifications.thrift.apache.org%3E"}, {"name": "[hbase-issues] 20210317 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r02ba8db500d15a5949e9a7742815438002ba1cf1b361bdda52ed40ca@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210318 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r8dfbefcd606af6737b62461a45a9af9222040b62eab474ff2287cf75@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210319 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/ra7371efd8363c1cd0f5331aafd359a808cf7277472b8616d7b392128@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210319 [jira] [Comment Edited] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r668aed02e287c93403e0b8df16089011ee4a96afc8f479809f1fc07f@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210320 RE: [jira] [Work started] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf568168e7f83871969928c0379813da6d034485f8b20fa73884816d6@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r18732bb1343894143d68db58fe4c8f56d9cd221b37f1378ed7373372@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] pankaj72981 opened a new pull request #3083: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rc896ce7761999b088f3adabcb99dde2102b6a66130b8eec6c8265eab@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] pankaj72981 opened a new pull request #3084: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.4)", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rc7a79b08822337c68705f16ee7ddcfd352313b836e78a4b86c7a7e3d@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] Apache-HBase commented on pull request #3083: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2)", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r1456eab5f3768be69436d5b0a68b483eb316eb85eb3ef6eba156a302@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] Apache-HBase commented on pull request #3084: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.4)", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r6c5b7324274fd361b038c5cc316e99344b7ae20beae7163214fac14d@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] pankaj72981 opened a new pull request #3085: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.3)", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rae95c2234b6644bfd666b2671a1b42a09f38514d0f27cca3c7d5d55a@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] pankaj72981 opened a new pull request #3086: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.2)", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/race178e9500ab8a5a6112667d27c48559150cadb60f2814bc67c40af@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] Apache-HBase commented on pull request #3085: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.3)", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r3de0e0c26d4bd00dd28cab27fb44fba11d1c1d20275f7cce71393dd1@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] Apache-HBase commented on pull request #3086: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.2)", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r7597683cc8b87a31ec864835225a543dad112d7841bf1f17bf7eb8db@%3Cissues.hbase.apache.org%3E"}, {"name": "[druid-commits] 20210324 [GitHub] [druid] jihoonson opened a new issue #11028: Bump Thrift library version", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rfbb01bb85cdc2022f3b96bdc416dbfcb49a2855b3a340aa88b2e1de9@%3Ccommits.druid.apache.org%3E"}, {"name": "[druid-commits] 20210324 [GitHub] [druid] jihoonson opened a new pull request #11030: Suppress cves", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E"}, {"name": "[hbase-issues] 20210325 [GitHub] [hbase] pankaj72981 merged pull request #3085: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.3)", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rb44ec04e5a9b1f87fef97bb5f054010cbfaa3b8586472a3a38a16fca@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-commits] 20210324 [hbase] branch branch-2.2 updated: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (#3086)", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r409e296c890753296c544a74d4de0d4a3ce719207a5878262fa2bd71@%3Ccommits.hbase.apache.org%3E"}, {"name": "[hbase-commits] 20210324 [hbase] branch branch-2.4 updated: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (#3084)", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rada9d2244a66ede0be29afc5d5f178a209f9988db56b9b845d955741@%3Ccommits.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] pankaj72981 merged pull request #3084: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.4)", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rb3574bc1036b577b265be510e6b208f0a5d5d84cd7198347dc8482df@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] pankaj72981 merged pull request #3086: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.2)", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r699c031e6921b0ad0f943848e7ba1d0e88c953619d47908618998f76@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-commits] 20210325 [hbase] branch branch-2.3 updated: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (#3085)", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r74eb88b422421c65514c23cb9c2b2216efb9254317ea1b6a264fe6dc@%3Ccommits.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210325 [GitHub] [hbase] pankaj72981 commented on pull request #3085: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.3)", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r1dea91f0562e0a960b45b1c5635b2a47b258b77171334276bcf260a7@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210325 [jira] [Updated] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9b51e7c253cb0989b4c03ed9f4e5f0478e427473357209ccc4d08ebf@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210325 [GitHub] [hbase] Apache-HBase commented on pull request #3083: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2)", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rad635e16b300cf434280001ee6ecd2ed2c70987bf16eb862bfa86e02@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210325 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/ra3f7f06a1759c8e2985ed24ae2f5483393c744c1956d661adc873f2c@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-commits] 20210326 [hbase] branch branch-2 updated: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (#3083)", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rd370fdb419652c5219409b315a6349b07a7e479bd3f151e9a5671774@%3Ccommits.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210326 [jira] [Updated] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rc48ab5455bdece9a4afab53ca0f1e4f742d5baacb241323454a87b4e@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210326 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r4fa53eacca2ac38904f38dc226caebb3f2f668b2da887f2fd416f4a7@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210326 [GitHub] [hbase] pankaj72981 merged pull request #3083: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2)", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r08a7bd19470ef8950d58cc9d9e7b02bc69c43f56c601989a7729cce5@%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210326 [GitHub] [hbase] pankaj72981 commented on pull request #3083: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2)", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rdcf00186c34d69826d9c6b1f010136c98b00a586136de0061f7d267e@%3Cissues.hbase.apache.org%3E"}, {"name": "[solr-issues] 20210407 [jira] [Created] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/ra9f7c755790313e1adb95d29794043fb102029e803daf4212ae18063@%3Cissues.solr.apache.org%3E"}, {"name": "[hbase-issues] 20210415 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r13f40151513ff095a44a86556c65597a7e55c00f5e19764a05530266@%3Cissues.hbase.apache.org%3E"}, {"name": "[solr-issues] 20210420 [jira] [Commented] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r886b6d9a89b6fa0aafbf0a8f8f14351548d6c6f027886a3646dbd075@%3Cissues.solr.apache.org%3E"}, {"name": "[solr-issues] 20210507 [jira] [Updated] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rb91c32194eb5006f0b0c8bcdbd512c13495a1b277d4d51d45687f036@%3Cissues.solr.apache.org%3E"}, {"name": "[hive-dev] 20210510 [jira] [Created] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.0 due", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rcace846f74ea9e2af2f7c30cef0796724aa74089f109c8029b850163@%3Cdev.hive.apache.org%3E"}, {"name": "[hive-issues] 20210510 [jira] [Updated] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.0", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r635133a74fa07ef3331cae49a9a088365922266edd58099a6162a5d3@%3Cissues.hive.apache.org%3E"}, {"name": "[hive-issues] 20210510 [jira] [Assigned] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.0 due", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r15eed5d21e16a5cce810c1e096ffcffc36cd08c2f78ce2f9b24b4a6a@%3Cissues.hive.apache.org%3E"}, {"name": "[druid-commits] 20210513 [GitHub] [druid] clintropolis opened a new pull request #11250: suppress CVE-2020-13949 again for a time", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rbfbb81e7fb5d5009caf25798f02f42a7bd064a316097303ba2f9ed76@%3Ccommits.druid.apache.org%3E"}, {"name": "[druid-commits] 20210513 [GitHub] [druid] clintropolis merged pull request #11251: [Backport] suppress CVE-2020-13949 again for a time", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r8897a41f50d4eb19b268bde99328e943ba586f77779efa6de720c39f@%3Ccommits.druid.apache.org%3E"}, {"name": "[druid-commits] 20210513 [GitHub] [druid] clintropolis commented on pull request #11251: [Backport] suppress CVE-2020-13949 again for a time", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rc7a241e0af086b226ff9ccabc4a243d206f0f887037994bfd8fcaaeb@%3Ccommits.druid.apache.org%3E"}, {"name": "[druid-commits] 20210513 [GitHub] [druid] clintropolis merged pull request #11250: suppress CVE-2020-13949 again for a time", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/raea1bb8cf2eb39c5e10543f547bdbbdbb563c2ac6377652f161d4e37@%3Ccommits.druid.apache.org%3E"}, {"name": "[druid-commits] 20210513 [GitHub] [druid] clintropolis opened a new pull request #11251: [Backport] suppress CVE-2020-13949 again for a time", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r179119bbfb5610499286a84c316f6789c5afbfa5340edec6eb28d027@%3Ccommits.druid.apache.org%3E"}, {"name": "[hive-issues] 20210517 [jira] [Updated] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.1", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rb51977d392b01434b0b5df5c19b9ad5b6178cfea59e676c14f24c053@%3Cissues.hive.apache.org%3E"}, {"name": "[hive-issues] 20210530 [jira] [Work started] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.1", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r741364444c3b238ab4a161f67f0d3a8f68acc517a39e6a93aa85d753@%3Cissues.hive.apache.org%3E"}, {"name": "[hive-issues] 20210530 [jira] [Updated] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.1", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rcae4c66f67e701db44d742156dee1f3e5e4e07ad7ce10c740a76b669@%3Cissues.hive.apache.org%3E"}, {"name": "[pulsar-commits] 20210607 [GitHub] [pulsar] lhotari commented on issue #9248: Upgrade Thrift dependency in broker to solve CVE-2019-0210, CVE-2019-0205 and CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r36581cc7047f007dd6aadbdd34e18545ec2c1eb7ccdae6dd47a877a9@%3Ccommits.pulsar.apache.org%3E"}, {"name": "[hive-issues] 20210609 [jira] [Work logged] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.1", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r950ced188d62320fdb84d9e2c6ba896328194952eff7430c4f55e4b0@%3Cissues.hive.apache.org%3E"}, {"name": "[hive-issues] 20210609 [jira] [Resolved] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.1", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r62aa6d07b23095d980f348d330ed766560f9a9e940fec051f534ce37@%3Cissues.hive.apache.org%3E"}, {"name": "[hive-issues] 20210609 [jira] [Updated] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.1", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r12090c81b67d21a814de6cf54428934a5e5613fde222759bbb05e99b@%3Cissues.hive.apache.org%3E"}, {"name": "[solr-issues] 20210623 [jira] [Updated] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r20f6f8f8cf07986dc5304baed3bf4d8a1c4cf135ff6fe3640be4d7ec@%3Cissues.solr.apache.org%3E"}, {"name": "GLSA-202107-32", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202107-32"}, {"name": "https://www.oracle.com//security-alerts/cpujul2021.html", "refsource": "MISC", "url": "https://www.oracle.com//security-alerts/cpujul2021.html"}, {"name": "[solr-issues] 20210819 [GitHub] [solr] janhoy opened a new pull request #268: SOLR-15324 Upgrade Jaeger dependency from 1.1.0 to 1.6.0", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r869331422580d35b4e65bd74cf3090298c4651bf4f31bfb19ae769da@%3Cissues.solr.apache.org%3E"}, {"name": "[solr-issues] 20210819 [jira] [Commented] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r90b4473950e26607ed77f3d70f120166f6a36a3f80888e4eeabcaf91@%3Cissues.solr.apache.org%3E"}, {"name": "[solr-issues] 20210819 [jira] [Updated] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r4d90b6d8de9697beb38814596d3a0d4994fa9aba1f6731a2c648d3ae@%3Cissues.solr.apache.org%3E"}, {"name": "[solr-issues] 20210819 [jira] [Assigned] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rd0734d91f16d5b050f0bcff78b4719300042a34fadf5e52d0edf898e@%3Cissues.solr.apache.org%3E"}, {"name": "[camel-commits] 20210823 [GitHub] [camel] zhfeng opened a new pull request #5976: Upgrade thrift to 0.14.1 include the fix of CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r72c3d1582d50b2ca7dd1ee97e81c847a5cf3458be26d42653c39d7a6@%3Ccommits.camel.apache.org%3E"}, {"name": "[camel-commits] 20210823 [GitHub] [camel] zhfeng commented on pull request #5976: Upgrade thrift to 0.14.1 include the fix of CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r533a172534ae67f6f17c4d33a1b814d3d5ada9ccd4eb442249f33fa2@%3Ccommits.camel.apache.org%3E"}, {"name": "[camel-commits] 20210823 [GitHub] [camel] zhfeng merged pull request #5976: Upgrade thrift to 0.14.1 include the fix of CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf75979ae0ffd526f3afa935a8f0ee13c82808ea8b2bc0325eb9dcd90@%3Ccommits.camel.apache.org%3E"}, {"name": "[camel-commits] 20210823 [camel] branch main updated: CAMEL-16880: camel-thrift - Upgrade thrift to 0.14.1 include the fix of CVE-2020-13949 (#5976)", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r17cca685ad53bc8300ee7fcfe874cb784a222343f217dd076e7dc1b6@%3Ccommits.camel.apache.org%3E"}, {"name": "[camel-commits] 20210824 [GitHub] [camel] oscerd commented on pull request #5976: Upgrade thrift to 0.14.1 include the fix of CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r812915ecfa541ad2ca65c68a97b2c014dc87141dfaefc4de85049681@%3Ccommits.camel.apache.org%3E"}, {"name": "[camel-commits] 20210824 [GitHub] [camel] zhfeng commented on pull request #5976: Upgrade thrift to 0.14.1 include the fix of CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r196409cc4df929d540a2e66169104f2b3b258d8bd96b5f083c59ee51@%3Ccommits.camel.apache.org%3E"}, {"name": "[solr-issues] 20210825 [jira] [Commented] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9ec75f690dd60fec8621ba992290962705d5b7f0d8fd0a42fab0ac9f@%3Cissues.solr.apache.org%3E"}, {"name": "[solr-issues] 20210825 [jira] [Resolved] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r1084a911dff90b2733b442ee0f5929d19b168035d447f2d25f534fe4@%3Cissues.solr.apache.org%3E"}, {"name": "[solr-issues] 20210825 [jira] [Updated] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r6ba4f0817f98bf7c1cb314301cb7a24ba11a0b3e7a5be8b0ae3190b0@%3Cissues.solr.apache.org%3E"}, {"name": "[thrift-user] 20210927 Analysis and guidelines concerning CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r6ae3c68b0bfe430fb32f24236475276b6302bed625b23f53b68748b5@%3Cuser.thrift.apache.org%3E"}, {"name": "[thrift-user] 20211004 Re: Analysis and guidelines concerning CVE-2020-13949", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r995b945cc8f6ec976d8c52d42ba931a688b45fb32cbdde715b6a816a@%3Cuser.thrift.apache.org%3E"}, {"name": "https://www.oracle.com/security-alerts/cpujan2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2022.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T12:32:14.429Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://lists.apache.org/thread.html/r43dc2b2e928e9d845b07ac075634cb759d91bb852421dc282f87a74a%40%3Cdev.thrift.apache.org%3E"}, {"name": "[hbase-issues] 20210215 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r143ca388b0c83fe659db14be76889d50b453b0ee06f423181f736933%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210215 [GitHub] [hbase] pankaj72981 opened a new pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r3a1291a7ab8ee43db87cb0253371489810877028fc6e7c68dc640926%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210215 [jira] [Work started] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r27b7d3d95ffa8498899ef1c9de553d469f8fe857640a3f6e58dba640%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210215 [GitHub] [hbase] pankaj72981 commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r515e01a30443cfa2dbb355c44c63149869afd684fb7b0344c58fa67b%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210215 [GitHub] [hbase] pankaj72981 edited a comment on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r93f23f74315e009f4fb68ef7fc794dceee42cf87fe6613814dcd8c70%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210215 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rd78cdd87d84499a404202f015f55935db3658bd0983ecec81e6b18c6%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210215 [GitHub] [hbase] apurtell commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r3f3e1d562c528b4bafef2dde51f79dd444a4b68ef24920d68068b6f9%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210215 [GitHub] [hbase] apurtell edited a comment on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rd49d53b146d94a7d3a135f6b505589655ffec24ea470e345d31351bb%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210216 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r2d180180f37c2ab5cebd711d080d01d8452efa8ad43c5d9cd7064621%40%3Cissues.hbase.apache.org%3E"}, {"name": "[thrift-user] 20210217 Apache Thrift 0.14.0 Release not on Maven central", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r89fdd39965efb7c6d22bc21c286d203252cea476e1782724aca0748e%40%3Cuser.thrift.apache.org%3E"}, {"name": "[thrift-user] 20210224 Re: [SECURITY] CVE-2020-13949 Announcement", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rbc5cad06a46d23253a3c819229efedecfc05f89ef53f5fdde77a86d6%40%3Cuser.thrift.apache.org%3E"}, {"name": "[hbase-issues] 20210301 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r02f7771863383ae993eb83cdfb70c3cb65a355c913242c850f61f1b8%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210302 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r7ae909438ff5a2ffed9211e6ab0bd926396fd0b1fc33f31a406ee704%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210302 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rf603d25213cfff81d6727c259328846b366fd32a43107637527c9768%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210302 [jira] [Updated] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r6990c849aeafe65366794bfd002febd47b7ffa8cf3c059b400bbb11d%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210302 [GitHub] [hbase] Apache9 commented on a change in pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r298a25228868ebc0943d56c8f3641212a0962d2dbcf1507d5860038e%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210302 [GitHub] [hbase] pankaj72981 commented on a change in pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rf741d08c7e0ab1542c81ea718467422bd01159ed284796a36ad88311%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210303 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r278e96edc4bc13efb2cb1620a73e48f569162b833c6bda3e6ea18b80%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210308 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r421a9a76811c1aed7637b5fe5376ab14c09ccdd7b70d5211d6e76d1e%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210309 [GitHub] [hbase] pankaj72981 commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r1fb2d26b81c64ce96c4fd42b9e6842ff315b02c36518213b6c057350%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210310 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r286e9a13d3ab0550042997219101cb87871834b8d5ec293b0c60f009%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210310 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r117d5d2b08d505b69558a2a31b0a1cf8990cd0385060b147e70e76a9%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210311 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r2f6a547f226579f542eb08793631d1f2d47d7aed7e2f9d11a4e6af9f%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210311 [GitHub] [hbase] pankaj72981 opened a new pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r449288f6a941a2585262e0f4454fdefe169d5faee33314f6f89fab30%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210311 [GitHub] [hbase] pankaj72981 closed pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r3550b61639688e0efbc253c6c3e6358851c1f053109f1c149330b535%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210311 [GitHub] [hbase] pankaj72981 commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r01b34416677f1ba869525e1b891ac66fa6f88c024ee4d7cdea6b456b%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210311 [GitHub] [hbase] Apache-HBase commented on pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r890b8ec5203d70a59a6b1289420d46938d9029ed706aa724978789be%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210312 [GitHub] [hbase] pankaj72981 commented on pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r2ed66a3823990306b742b281af1834b9bc85f98259c870b8ffb13d93%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210312 [GitHub] [hbase] Apache-HBase commented on pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r587b4a5bcbc290269df0906bafba074f3fe4e50d4e959212f56fa7ea%40%3Cissues.hbase.apache.org%3E"}, {"name": "[thrift-user] 20210312 Thrift 0.13 micro for CVE-2020-13949?", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rcdf62ecd36e39e4ff9c61802eee4927ce9ecff1602eed1493977ef4c%40%3Cuser.thrift.apache.org%3E"}, {"name": "[thrift-user] 20210312 RE: Thrift 0.13 micro for CVE-2020-13949?", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r1504886a550426d3c05772c47b1a6350c3235e51fd1fdffbec43e974%40%3Cuser.thrift.apache.org%3E"}, {"name": "[hbase-issues] 20210315 [GitHub] [hbase] saintstack commented on pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rf65df763f630163a3f620887efec082080555cee1adb0b8eaf2c7ddb%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210315 [GitHub] [hbase] Apache-HBase commented on pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rdc8e0f92d06decaee5db58de4ded16d80016a7db2240a8db17225c49%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210316 [GitHub] [hbase] pankaj72981 commented on pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r191a9279e2863b68e5496ee4ecd8be0d4fe43b324b934f0d1f106e1d%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210316 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r0372f0af2dad0b76fbd7a6cfdaad29d50384ad48dda475a5026ff9a3%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210316 [GitHub] [hbase] pankaj72981 merged pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r850522c56c05aa06391546bdb530bb8fc3437f2b77d16e571ae73309%40%3Cissues.hbase.apache.org%3E"}, {"name": "[thrift-notifications] 20210317 [GitHub] [thrift] cyril867 commented on pull request #2208: THRIFT-5237 Implement MAX_MESSAGE_SIZE and consolidate limits into a TConfiguration class (c_glib)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r3f97dbbbb1b2a7324521208bb595392853714e141a37b8f68d395835%40%3Cnotifications.thrift.apache.org%3E"}, {"name": "[thrift-notifications] 20210317 [GitHub] [thrift] cyril867 edited a comment on pull request #2208: THRIFT-5237 Implement MAX_MESSAGE_SIZE and consolidate limits into a TConfiguration class (c_glib)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r3e31ec7e8c39db7553be4f4fd4d27cf27c41f1ba9c985995c4ea9c5a%40%3Cnotifications.thrift.apache.org%3E"}, {"name": "[hbase-issues] 20210317 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r02ba8db500d15a5949e9a7742815438002ba1cf1b361bdda52ed40ca%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210318 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r8dfbefcd606af6737b62461a45a9af9222040b62eab474ff2287cf75%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210319 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/ra7371efd8363c1cd0f5331aafd359a808cf7277472b8616d7b392128%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210319 [jira] [Comment Edited] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r668aed02e287c93403e0b8df16089011ee4a96afc8f479809f1fc07f%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210320 RE: [jira] [Work started] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rf568168e7f83871969928c0379813da6d034485f8b20fa73884816d6%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r18732bb1343894143d68db58fe4c8f56d9cd221b37f1378ed7373372%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] pankaj72981 opened a new pull request #3083: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rc896ce7761999b088f3adabcb99dde2102b6a66130b8eec6c8265eab%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] pankaj72981 opened a new pull request #3084: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.4)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rc7a79b08822337c68705f16ee7ddcfd352313b836e78a4b86c7a7e3d%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] Apache-HBase commented on pull request #3083: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r1456eab5f3768be69436d5b0a68b483eb316eb85eb3ef6eba156a302%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] Apache-HBase commented on pull request #3084: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.4)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r6c5b7324274fd361b038c5cc316e99344b7ae20beae7163214fac14d%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] pankaj72981 opened a new pull request #3085: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.3)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rae95c2234b6644bfd666b2671a1b42a09f38514d0f27cca3c7d5d55a%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] pankaj72981 opened a new pull request #3086: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.2)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/race178e9500ab8a5a6112667d27c48559150cadb60f2814bc67c40af%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] Apache-HBase commented on pull request #3085: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.3)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r3de0e0c26d4bd00dd28cab27fb44fba11d1c1d20275f7cce71393dd1%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] Apache-HBase commented on pull request #3086: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.2)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r7597683cc8b87a31ec864835225a543dad112d7841bf1f17bf7eb8db%40%3Cissues.hbase.apache.org%3E"}, {"name": "[druid-commits] 20210324 [GitHub] [druid] jihoonson opened a new issue #11028: Bump Thrift library version", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rfbb01bb85cdc2022f3b96bdc416dbfcb49a2855b3a340aa88b2e1de9%40%3Ccommits.druid.apache.org%3E"}, {"name": "[druid-commits] 20210324 [GitHub] [druid] jihoonson opened a new pull request #11030: Suppress cves", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1%40%3Ccommits.druid.apache.org%3E"}, {"name": "[hbase-issues] 20210325 [GitHub] [hbase] pankaj72981 merged pull request #3085: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.3)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rb44ec04e5a9b1f87fef97bb5f054010cbfaa3b8586472a3a38a16fca%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-commits] 20210324 [hbase] branch branch-2.2 updated: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (#3086)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r409e296c890753296c544a74d4de0d4a3ce719207a5878262fa2bd71%40%3Ccommits.hbase.apache.org%3E"}, {"name": "[hbase-commits] 20210324 [hbase] branch branch-2.4 updated: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (#3084)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rada9d2244a66ede0be29afc5d5f178a209f9988db56b9b845d955741%40%3Ccommits.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] pankaj72981 merged pull request #3084: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.4)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rb3574bc1036b577b265be510e6b208f0a5d5d84cd7198347dc8482df%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210324 [GitHub] [hbase] pankaj72981 merged pull request #3086: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.2)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r699c031e6921b0ad0f943848e7ba1d0e88c953619d47908618998f76%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-commits] 20210325 [hbase] branch branch-2.3 updated: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (#3085)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r74eb88b422421c65514c23cb9c2b2216efb9254317ea1b6a264fe6dc%40%3Ccommits.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210325 [GitHub] [hbase] pankaj72981 commented on pull request #3085: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.3)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r1dea91f0562e0a960b45b1c5635b2a47b258b77171334276bcf260a7%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210325 [jira] [Updated] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r9b51e7c253cb0989b4c03ed9f4e5f0478e427473357209ccc4d08ebf%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210325 [GitHub] [hbase] Apache-HBase commented on pull request #3083: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rad635e16b300cf434280001ee6ecd2ed2c70987bf16eb862bfa86e02%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210325 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/ra3f7f06a1759c8e2985ed24ae2f5483393c744c1956d661adc873f2c%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-commits] 20210326 [hbase] branch branch-2 updated: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (#3083)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rd370fdb419652c5219409b315a6349b07a7e479bd3f151e9a5671774%40%3Ccommits.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210326 [jira] [Updated] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rc48ab5455bdece9a4afab53ca0f1e4f742d5baacb241323454a87b4e%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210326 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r4fa53eacca2ac38904f38dc226caebb3f2f668b2da887f2fd416f4a7%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210326 [GitHub] [hbase] pankaj72981 merged pull request #3083: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r08a7bd19470ef8950d58cc9d9e7b02bc69c43f56c601989a7729cce5%40%3Cissues.hbase.apache.org%3E"}, {"name": "[hbase-issues] 20210326 [GitHub] [hbase] pankaj72981 commented on pull request #3083: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rdcf00186c34d69826d9c6b1f010136c98b00a586136de0061f7d267e%40%3Cissues.hbase.apache.org%3E"}, {"name": "[solr-issues] 20210407 [jira] [Created] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/ra9f7c755790313e1adb95d29794043fb102029e803daf4212ae18063%40%3Cissues.solr.apache.org%3E"}, {"name": "[hbase-issues] 20210415 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r13f40151513ff095a44a86556c65597a7e55c00f5e19764a05530266%40%3Cissues.hbase.apache.org%3E"}, {"name": "[solr-issues] 20210420 [jira] [Commented] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r886b6d9a89b6fa0aafbf0a8f8f14351548d6c6f027886a3646dbd075%40%3Cissues.solr.apache.org%3E"}, {"name": "[solr-issues] 20210507 [jira] [Updated] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rb91c32194eb5006f0b0c8bcdbd512c13495a1b277d4d51d45687f036%40%3Cissues.solr.apache.org%3E"}, {"name": "[hive-dev] 20210510 [jira] [Created] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.0 due", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rcace846f74ea9e2af2f7c30cef0796724aa74089f109c8029b850163%40%3Cdev.hive.apache.org%3E"}, {"name": "[hive-issues] 20210510 [jira] [Updated] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.0", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r635133a74fa07ef3331cae49a9a088365922266edd58099a6162a5d3%40%3Cissues.hive.apache.org%3E"}, {"name": "[hive-issues] 20210510 [jira] [Assigned] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.0 due", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r15eed5d21e16a5cce810c1e096ffcffc36cd08c2f78ce2f9b24b4a6a%40%3Cissues.hive.apache.org%3E"}, {"name": "[druid-commits] 20210513 [GitHub] [druid] clintropolis opened a new pull request #11250: suppress CVE-2020-13949 again for a time", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rbfbb81e7fb5d5009caf25798f02f42a7bd064a316097303ba2f9ed76%40%3Ccommits.druid.apache.org%3E"}, {"name": "[druid-commits] 20210513 [GitHub] [druid] clintropolis merged pull request #11251: [Backport] suppress CVE-2020-13949 again for a time", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r8897a41f50d4eb19b268bde99328e943ba586f77779efa6de720c39f%40%3Ccommits.druid.apache.org%3E"}, {"name": "[druid-commits] 20210513 [GitHub] [druid] clintropolis commented on pull request #11251: [Backport] suppress CVE-2020-13949 again for a time", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rc7a241e0af086b226ff9ccabc4a243d206f0f887037994bfd8fcaaeb%40%3Ccommits.druid.apache.org%3E"}, {"name": "[druid-commits] 20210513 [GitHub] [druid] clintropolis merged pull request #11250: suppress CVE-2020-13949 again for a time", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/raea1bb8cf2eb39c5e10543f547bdbbdbb563c2ac6377652f161d4e37%40%3Ccommits.druid.apache.org%3E"}, {"name": "[druid-commits] 20210513 [GitHub] [druid] clintropolis opened a new pull request #11251: [Backport] suppress CVE-2020-13949 again for a time", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r179119bbfb5610499286a84c316f6789c5afbfa5340edec6eb28d027%40%3Ccommits.druid.apache.org%3E"}, {"name": "[hive-issues] 20210517 [jira] [Updated] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.1", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rb51977d392b01434b0b5df5c19b9ad5b6178cfea59e676c14f24c053%40%3Cissues.hive.apache.org%3E"}, {"name": "[hive-issues] 20210530 [jira] [Work started] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.1", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r741364444c3b238ab4a161f67f0d3a8f68acc517a39e6a93aa85d753%40%3Cissues.hive.apache.org%3E"}, {"name": "[hive-issues] 20210530 [jira] [Updated] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.1", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rcae4c66f67e701db44d742156dee1f3e5e4e07ad7ce10c740a76b669%40%3Cissues.hive.apache.org%3E"}, {"name": "[pulsar-commits] 20210607 [GitHub] [pulsar] lhotari commented on issue #9248: Upgrade Thrift dependency in broker to solve CVE-2019-0210, CVE-2019-0205 and CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r36581cc7047f007dd6aadbdd34e18545ec2c1eb7ccdae6dd47a877a9%40%3Ccommits.pulsar.apache.org%3E"}, {"name": "[hive-issues] 20210609 [jira] [Work logged] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.1", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r950ced188d62320fdb84d9e2c6ba896328194952eff7430c4f55e4b0%40%3Cissues.hive.apache.org%3E"}, {"name": "[hive-issues] 20210609 [jira] [Resolved] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.1", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r62aa6d07b23095d980f348d330ed766560f9a9e940fec051f534ce37%40%3Cissues.hive.apache.org%3E"}, {"name": "[hive-issues] 20210609 [jira] [Updated] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.1", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r12090c81b67d21a814de6cf54428934a5e5613fde222759bbb05e99b%40%3Cissues.hive.apache.org%3E"}, {"name": "[solr-issues] 20210623 [jira] [Updated] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r20f6f8f8cf07986dc5304baed3bf4d8a1c4cf135ff6fe3640be4d7ec%40%3Cissues.solr.apache.org%3E"}, {"name": "GLSA-202107-32", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/202107-32"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com//security-alerts/cpujul2021.html"}, {"name": "[solr-issues] 20210819 [GitHub] [solr] janhoy opened a new pull request #268: SOLR-15324 Upgrade Jaeger dependency from 1.1.0 to 1.6.0", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r869331422580d35b4e65bd74cf3090298c4651bf4f31bfb19ae769da%40%3Cissues.solr.apache.org%3E"}, {"name": "[solr-issues] 20210819 [jira] [Commented] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r90b4473950e26607ed77f3d70f120166f6a36a3f80888e4eeabcaf91%40%3Cissues.solr.apache.org%3E"}, {"name": "[solr-issues] 20210819 [jira] [Updated] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r4d90b6d8de9697beb38814596d3a0d4994fa9aba1f6731a2c648d3ae%40%3Cissues.solr.apache.org%3E"}, {"name": "[solr-issues] 20210819 [jira] [Assigned] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rd0734d91f16d5b050f0bcff78b4719300042a34fadf5e52d0edf898e%40%3Cissues.solr.apache.org%3E"}, {"name": "[camel-commits] 20210823 [GitHub] [camel] zhfeng opened a new pull request #5976: Upgrade thrift to 0.14.1 include the fix of CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r72c3d1582d50b2ca7dd1ee97e81c847a5cf3458be26d42653c39d7a6%40%3Ccommits.camel.apache.org%3E"}, {"name": "[camel-commits] 20210823 [GitHub] [camel] zhfeng commented on pull request #5976: Upgrade thrift to 0.14.1 include the fix of CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r533a172534ae67f6f17c4d33a1b814d3d5ada9ccd4eb442249f33fa2%40%3Ccommits.camel.apache.org%3E"}, {"name": "[camel-commits] 20210823 [GitHub] [camel] zhfeng merged pull request #5976: Upgrade thrift to 0.14.1 include the fix of CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rf75979ae0ffd526f3afa935a8f0ee13c82808ea8b2bc0325eb9dcd90%40%3Ccommits.camel.apache.org%3E"}, {"name": "[camel-commits] 20210823 [camel] branch main updated: CAMEL-16880: camel-thrift - Upgrade thrift to 0.14.1 include the fix of CVE-2020-13949 (#5976)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r17cca685ad53bc8300ee7fcfe874cb784a222343f217dd076e7dc1b6%40%3Ccommits.camel.apache.org%3E"}, {"name": "[camel-commits] 20210824 [GitHub] [camel] oscerd commented on pull request #5976: Upgrade thrift to 0.14.1 include the fix of CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r812915ecfa541ad2ca65c68a97b2c014dc87141dfaefc4de85049681%40%3Ccommits.camel.apache.org%3E"}, {"name": "[camel-commits] 20210824 [GitHub] [camel] zhfeng commented on pull request #5976: Upgrade thrift to 0.14.1 include the fix of CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r196409cc4df929d540a2e66169104f2b3b258d8bd96b5f083c59ee51%40%3Ccommits.camel.apache.org%3E"}, {"name": "[solr-issues] 20210825 [jira] [Commented] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r9ec75f690dd60fec8621ba992290962705d5b7f0d8fd0a42fab0ac9f%40%3Cissues.solr.apache.org%3E"}, {"name": "[solr-issues] 20210825 [jira] [Resolved] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r1084a911dff90b2733b442ee0f5929d19b168035d447f2d25f534fe4%40%3Cissues.solr.apache.org%3E"}, {"name": "[solr-issues] 20210825 [jira] [Updated] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r6ba4f0817f98bf7c1cb314301cb7a24ba11a0b3e7a5be8b0ae3190b0%40%3Cissues.solr.apache.org%3E"}, {"name": "[thrift-user] 20210927 Analysis and guidelines concerning CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r6ae3c68b0bfe430fb32f24236475276b6302bed625b23f53b68748b5%40%3Cuser.thrift.apache.org%3E"}, {"name": "[thrift-user] 20211004 Re: Analysis and guidelines concerning CVE-2020-13949", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r995b945cc8f6ec976d8c52d42ba931a688b45fb32cbdde715b6a816a%40%3Cuser.thrift.apache.org%3E"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/security-alerts/cpujan2022.html"}]}]}, "cveMetadata": {"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2020-13949", "datePublished": "2021-02-12T19:39:09", "dateReserved": "2020-06-08T00:00:00", "dateUpdated": "2024-08-04T12:32:14.429Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:hive:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C9048B8-FD74-4971-9D36-3E37B6CA8807", "versionEndExcluding": "4.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:thrift:*:*:*:*:*:*:*:*", "matchCriteriaId": "A1AA4FA7-86A9-4CE4-AC70-127F976B32DD", "versionEndIncluding": "0.13.0", "versionStartIncluding": "0.9.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "ADE6EF8F-1F05-429B-A916-76FDB20CEB81", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*", "matchCriteriaId": "4479F76A-4B67-41CC-98C7-C76B81050F8E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large memory allocation, potentially leading to denial of service."}, {"lang": "es", "value": "En Apache Thrift versiones 0.9.3 hasta 0.13.0, los clientes RPC maliciosos podr\u00edan enviar mensajes cortos que resultar\u00edan en una gran asignaci\u00f3n de memoria, conllevando potencialmente a una denegaci\u00f3n de servicio"}], "id": "CVE-2020-13949", "lastModified": "2024-11-21T05:02:12.787", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-02-12T20:15:13.300", "references": [{"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r01b34416677f1ba869525e1b891ac66fa6f88c024ee4d7cdea6b456b%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r02ba8db500d15a5949e9a7742815438002ba1cf1b361bdda52ed40ca%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r02f7771863383ae993eb83cdfb70c3cb65a355c913242c850f61f1b8%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r0372f0af2dad0b76fbd7a6cfdaad29d50384ad48dda475a5026ff9a3%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r08a7bd19470ef8950d58cc9d9e7b02bc69c43f56c601989a7729cce5%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r1084a911dff90b2733b442ee0f5929d19b168035d447f2d25f534fe4%40%3Cissues.solr.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r117d5d2b08d505b69558a2a31b0a1cf8990cd0385060b147e70e76a9%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r12090c81b67d21a814de6cf54428934a5e5613fde222759bbb05e99b%40%3Cissues.hive.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r13f40151513ff095a44a86556c65597a7e55c00f5e19764a05530266%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r143ca388b0c83fe659db14be76889d50b453b0ee06f423181f736933%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r1456eab5f3768be69436d5b0a68b483eb316eb85eb3ef6eba156a302%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r1504886a550426d3c05772c47b1a6350c3235e51fd1fdffbec43e974%40%3Cuser.thrift.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r15eed5d21e16a5cce810c1e096ffcffc36cd08c2f78ce2f9b24b4a6a%40%3Cissues.hive.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r179119bbfb5610499286a84c316f6789c5afbfa5340edec6eb28d027%40%3Ccommits.druid.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r17cca685ad53bc8300ee7fcfe874cb784a222343f217dd076e7dc1b6%40%3Ccommits.camel.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r18732bb1343894143d68db58fe4c8f56d9cd221b37f1378ed7373372%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r191a9279e2863b68e5496ee4ecd8be0d4fe43b324b934f0d1f106e1d%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r196409cc4df929d540a2e66169104f2b3b258d8bd96b5f083c59ee51%40%3Ccommits.camel.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1%40%3Ccommits.druid.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r1dea91f0562e0a960b45b1c5635b2a47b258b77171334276bcf260a7%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r1fb2d26b81c64ce96c4fd42b9e6842ff315b02c36518213b6c057350%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r20f6f8f8cf07986dc5304baed3bf4d8a1c4cf135ff6fe3640be4d7ec%40%3Cissues.solr.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r278e96edc4bc13efb2cb1620a73e48f569162b833c6bda3e6ea18b80%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r27b7d3d95ffa8498899ef1c9de553d469f8fe857640a3f6e58dba640%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r286e9a13d3ab0550042997219101cb87871834b8d5ec293b0c60f009%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r298a25228868ebc0943d56c8f3641212a0962d2dbcf1507d5860038e%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r2d180180f37c2ab5cebd711d080d01d8452efa8ad43c5d9cd7064621%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r2ed66a3823990306b742b281af1834b9bc85f98259c870b8ffb13d93%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r2f6a547f226579f542eb08793631d1f2d47d7aed7e2f9d11a4e6af9f%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r3550b61639688e0efbc253c6c3e6358851c1f053109f1c149330b535%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r36581cc7047f007dd6aadbdd34e18545ec2c1eb7ccdae6dd47a877a9%40%3Ccommits.pulsar.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r3a1291a7ab8ee43db87cb0253371489810877028fc6e7c68dc640926%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r3de0e0c26d4bd00dd28cab27fb44fba11d1c1d20275f7cce71393dd1%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r3e31ec7e8c39db7553be4f4fd4d27cf27c41f1ba9c985995c4ea9c5a%40%3Cnotifications.thrift.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r3f3e1d562c528b4bafef2dde51f79dd444a4b68ef24920d68068b6f9%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r3f97dbbbb1b2a7324521208bb595392853714e141a37b8f68d395835%40%3Cnotifications.thrift.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r409e296c890753296c544a74d4de0d4a3ce719207a5878262fa2bd71%40%3Ccommits.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r421a9a76811c1aed7637b5fe5376ab14c09ccdd7b70d5211d6e76d1e%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread.html/r43dc2b2e928e9d845b07ac075634cb759d91bb852421dc282f87a74a%40%3Cdev.thrift.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r449288f6a941a2585262e0f4454fdefe169d5faee33314f6f89fab30%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r4d90b6d8de9697beb38814596d3a0d4994fa9aba1f6731a2c648d3ae%40%3Cissues.solr.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r4fa53eacca2ac38904f38dc226caebb3f2f668b2da887f2fd416f4a7%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r515e01a30443cfa2dbb355c44c63149869afd684fb7b0344c58fa67b%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r533a172534ae67f6f17c4d33a1b814d3d5ada9ccd4eb442249f33fa2%40%3Ccommits.camel.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r587b4a5bcbc290269df0906bafba074f3fe4e50d4e959212f56fa7ea%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r62aa6d07b23095d980f348d330ed766560f9a9e940fec051f534ce37%40%3Cissues.hive.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r635133a74fa07ef3331cae49a9a088365922266edd58099a6162a5d3%40%3Cissues.hive.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r668aed02e287c93403e0b8df16089011ee4a96afc8f479809f1fc07f%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r6990c849aeafe65366794bfd002febd47b7ffa8cf3c059b400bbb11d%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r699c031e6921b0ad0f943848e7ba1d0e88c953619d47908618998f76%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r6ae3c68b0bfe430fb32f24236475276b6302bed625b23f53b68748b5%40%3Cuser.thrift.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r6ba4f0817f98bf7c1cb314301cb7a24ba11a0b3e7a5be8b0ae3190b0%40%3Cissues.solr.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r6c5b7324274fd361b038c5cc316e99344b7ae20beae7163214fac14d%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r72c3d1582d50b2ca7dd1ee97e81c847a5cf3458be26d42653c39d7a6%40%3Ccommits.camel.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r741364444c3b238ab4a161f67f0d3a8f68acc517a39e6a93aa85d753%40%3Cissues.hive.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r74eb88b422421c65514c23cb9c2b2216efb9254317ea1b6a264fe6dc%40%3Ccommits.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r7597683cc8b87a31ec864835225a543dad112d7841bf1f17bf7eb8db%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r7ae909438ff5a2ffed9211e6ab0bd926396fd0b1fc33f31a406ee704%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r812915ecfa541ad2ca65c68a97b2c014dc87141dfaefc4de85049681%40%3Ccommits.camel.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r850522c56c05aa06391546bdb530bb8fc3437f2b77d16e571ae73309%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r869331422580d35b4e65bd74cf3090298c4651bf4f31bfb19ae769da%40%3Cissues.solr.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r886b6d9a89b6fa0aafbf0a8f8f14351548d6c6f027886a3646dbd075%40%3Cissues.solr.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r8897a41f50d4eb19b268bde99328e943ba586f77779efa6de720c39f%40%3Ccommits.druid.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r890b8ec5203d70a59a6b1289420d46938d9029ed706aa724978789be%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r89fdd39965efb7c6d22bc21c286d203252cea476e1782724aca0748e%40%3Cuser.thrift.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r8dfbefcd606af6737b62461a45a9af9222040b62eab474ff2287cf75%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r90b4473950e26607ed77f3d70f120166f6a36a3f80888e4eeabcaf91%40%3Cissues.solr.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r93f23f74315e009f4fb68ef7fc794dceee42cf87fe6613814dcd8c70%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r950ced188d62320fdb84d9e2c6ba896328194952eff7430c4f55e4b0%40%3Cissues.hive.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r995b945cc8f6ec976d8c52d42ba931a688b45fb32cbdde715b6a816a%40%3Cuser.thrift.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r9b51e7c253cb0989b4c03ed9f4e5f0478e427473357209ccc4d08ebf%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r9ec75f690dd60fec8621ba992290962705d5b7f0d8fd0a42fab0ac9f%40%3Cissues.solr.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/ra3f7f06a1759c8e2985ed24ae2f5483393c744c1956d661adc873f2c%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/ra7371efd8363c1cd0f5331aafd359a808cf7277472b8616d7b392128%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/ra9f7c755790313e1adb95d29794043fb102029e803daf4212ae18063%40%3Cissues.solr.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/race178e9500ab8a5a6112667d27c48559150cadb60f2814bc67c40af%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rad635e16b300cf434280001ee6ecd2ed2c70987bf16eb862bfa86e02%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rada9d2244a66ede0be29afc5d5f178a209f9988db56b9b845d955741%40%3Ccommits.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rae95c2234b6644bfd666b2671a1b42a09f38514d0f27cca3c7d5d55a%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/raea1bb8cf2eb39c5e10543f547bdbbdbb563c2ac6377652f161d4e37%40%3Ccommits.druid.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rb3574bc1036b577b265be510e6b208f0a5d5d84cd7198347dc8482df%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rb44ec04e5a9b1f87fef97bb5f054010cbfaa3b8586472a3a38a16fca%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rb51977d392b01434b0b5df5c19b9ad5b6178cfea59e676c14f24c053%40%3Cissues.hive.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rb91c32194eb5006f0b0c8bcdbd512c13495a1b277d4d51d45687f036%40%3Cissues.solr.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rbc5cad06a46d23253a3c819229efedecfc05f89ef53f5fdde77a86d6%40%3Cuser.thrift.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rbfbb81e7fb5d5009caf25798f02f42a7bd064a316097303ba2f9ed76%40%3Ccommits.druid.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rc48ab5455bdece9a4afab53ca0f1e4f742d5baacb241323454a87b4e%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rc7a241e0af086b226ff9ccabc4a243d206f0f887037994bfd8fcaaeb%40%3Ccommits.druid.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rc7a79b08822337c68705f16ee7ddcfd352313b836e78a4b86c7a7e3d%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rc896ce7761999b088f3adabcb99dde2102b6a66130b8eec6c8265eab%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rcace846f74ea9e2af2f7c30cef0796724aa74089f109c8029b850163%40%3Cdev.hive.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rcae4c66f67e701db44d742156dee1f3e5e4e07ad7ce10c740a76b669%40%3Cissues.hive.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rcdf62ecd36e39e4ff9c61802eee4927ce9ecff1602eed1493977ef4c%40%3Cuser.thrift.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rd0734d91f16d5b050f0bcff78b4719300042a34fadf5e52d0edf898e%40%3Cissues.solr.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rd370fdb419652c5219409b315a6349b07a7e479bd3f151e9a5671774%40%3Ccommits.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rd49d53b146d94a7d3a135f6b505589655ffec24ea470e345d31351bb%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rd78cdd87d84499a404202f015f55935db3658bd0983ecec81e6b18c6%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rdc8e0f92d06decaee5db58de4ded16d80016a7db2240a8db17225c49%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rdcf00186c34d69826d9c6b1f010136c98b00a586136de0061f7d267e%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rf568168e7f83871969928c0379813da6d034485f8b20fa73884816d6%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rf603d25213cfff81d6727c259328846b366fd32a43107637527c9768%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rf65df763f630163a3f620887efec082080555cee1adb0b8eaf2c7ddb%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rf741d08c7e0ab1542c81ea718467422bd01159ed284796a36ad88311%40%3Cissues.hbase.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rf75979ae0ffd526f3afa935a8f0ee13c82808ea8b2bc0325eb9dcd90%40%3Ccommits.camel.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rfbb01bb85cdc2022f3b96bdc416dbfcb49a2855b3a340aa88b2e1de9%40%3Ccommits.druid.apache.org%3E"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202107-32"}, {"source": "security@apache.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com//security-alerts/cpujul2021.html"}, {"source": "security@apache.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpujan2022.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r01b34416677f1ba869525e1b891ac66fa6f88c024ee4d7cdea6b456b%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r02ba8db500d15a5949e9a7742815438002ba1cf1b361bdda52ed40ca%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r02f7771863383ae993eb83cdfb70c3cb65a355c913242c850f61f1b8%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r0372f0af2dad0b76fbd7a6cfdaad29d50384ad48dda475a5026ff9a3%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r08a7bd19470ef8950d58cc9d9e7b02bc69c43f56c601989a7729cce5%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r1084a911dff90b2733b442ee0f5929d19b168035d447f2d25f534fe4%40%3Cissues.solr.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r117d5d2b08d505b69558a2a31b0a1cf8990cd0385060b147e70e76a9%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r12090c81b67d21a814de6cf54428934a5e5613fde222759bbb05e99b%40%3Cissues.hive.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r13f40151513ff095a44a86556c65597a7e55c00f5e19764a05530266%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r143ca388b0c83fe659db14be76889d50b453b0ee06f423181f736933%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r1456eab5f3768be69436d5b0a68b483eb316eb85eb3ef6eba156a302%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r1504886a550426d3c05772c47b1a6350c3235e51fd1fdffbec43e974%40%3Cuser.thrift.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r15eed5d21e16a5cce810c1e096ffcffc36cd08c2f78ce2f9b24b4a6a%40%3Cissues.hive.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r179119bbfb5610499286a84c316f6789c5afbfa5340edec6eb28d027%40%3Ccommits.druid.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r17cca685ad53bc8300ee7fcfe874cb784a222343f217dd076e7dc1b6%40%3Ccommits.camel.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r18732bb1343894143d68db58fe4c8f56d9cd221b37f1378ed7373372%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r191a9279e2863b68e5496ee4ecd8be0d4fe43b324b934f0d1f106e1d%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r196409cc4df929d540a2e66169104f2b3b258d8bd96b5f083c59ee51%40%3Ccommits.camel.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1%40%3Ccommits.druid.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r1dea91f0562e0a960b45b1c5635b2a47b258b77171334276bcf260a7%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r1fb2d26b81c64ce96c4fd42b9e6842ff315b02c36518213b6c057350%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r20f6f8f8cf07986dc5304baed3bf4d8a1c4cf135ff6fe3640be4d7ec%40%3Cissues.solr.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r278e96edc4bc13efb2cb1620a73e48f569162b833c6bda3e6ea18b80%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r27b7d3d95ffa8498899ef1c9de553d469f8fe857640a3f6e58dba640%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r286e9a13d3ab0550042997219101cb87871834b8d5ec293b0c60f009%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r298a25228868ebc0943d56c8f3641212a0962d2dbcf1507d5860038e%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r2d180180f37c2ab5cebd711d080d01d8452efa8ad43c5d9cd7064621%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r2ed66a3823990306b742b281af1834b9bc85f98259c870b8ffb13d93%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r2f6a547f226579f542eb08793631d1f2d47d7aed7e2f9d11a4e6af9f%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r3550b61639688e0efbc253c6c3e6358851c1f053109f1c149330b535%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r36581cc7047f007dd6aadbdd34e18545ec2c1eb7ccdae6dd47a877a9%40%3Ccommits.pulsar.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r3a1291a7ab8ee43db87cb0253371489810877028fc6e7c68dc640926%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r3de0e0c26d4bd00dd28cab27fb44fba11d1c1d20275f7cce71393dd1%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r3e31ec7e8c39db7553be4f4fd4d27cf27c41f1ba9c985995c4ea9c5a%40%3Cnotifications.thrift.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r3f3e1d562c528b4bafef2dde51f79dd444a4b68ef24920d68068b6f9%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r3f97dbbbb1b2a7324521208bb595392853714e141a37b8f68d395835%40%3Cnotifications.thrift.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r409e296c890753296c544a74d4de0d4a3ce719207a5878262fa2bd71%40%3Ccommits.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r421a9a76811c1aed7637b5fe5376ab14c09ccdd7b70d5211d6e76d1e%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread.html/r43dc2b2e928e9d845b07ac075634cb759d91bb852421dc282f87a74a%40%3Cdev.thrift.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r449288f6a941a2585262e0f4454fdefe169d5faee33314f6f89fab30%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r4d90b6d8de9697beb38814596d3a0d4994fa9aba1f6731a2c648d3ae%40%3Cissues.solr.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r4fa53eacca2ac38904f38dc226caebb3f2f668b2da887f2fd416f4a7%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r515e01a30443cfa2dbb355c44c63149869afd684fb7b0344c58fa67b%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r533a172534ae67f6f17c4d33a1b814d3d5ada9ccd4eb442249f33fa2%40%3Ccommits.camel.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r587b4a5bcbc290269df0906bafba074f3fe4e50d4e959212f56fa7ea%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r62aa6d07b23095d980f348d330ed766560f9a9e940fec051f534ce37%40%3Cissues.hive.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r635133a74fa07ef3331cae49a9a088365922266edd58099a6162a5d3%40%3Cissues.hive.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r668aed02e287c93403e0b8df16089011ee4a96afc8f479809f1fc07f%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r6990c849aeafe65366794bfd002febd47b7ffa8cf3c059b400bbb11d%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r699c031e6921b0ad0f943848e7ba1d0e88c953619d47908618998f76%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r6ae3c68b0bfe430fb32f24236475276b6302bed625b23f53b68748b5%40%3Cuser.thrift.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r6ba4f0817f98bf7c1cb314301cb7a24ba11a0b3e7a5be8b0ae3190b0%40%3Cissues.solr.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r6c5b7324274fd361b038c5cc316e99344b7ae20beae7163214fac14d%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r72c3d1582d50b2ca7dd1ee97e81c847a5cf3458be26d42653c39d7a6%40%3Ccommits.camel.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r741364444c3b238ab4a161f67f0d3a8f68acc517a39e6a93aa85d753%40%3Cissues.hive.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r74eb88b422421c65514c23cb9c2b2216efb9254317ea1b6a264fe6dc%40%3Ccommits.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r7597683cc8b87a31ec864835225a543dad112d7841bf1f17bf7eb8db%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r7ae909438ff5a2ffed9211e6ab0bd926396fd0b1fc33f31a406ee704%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r812915ecfa541ad2ca65c68a97b2c014dc87141dfaefc4de85049681%40%3Ccommits.camel.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r850522c56c05aa06391546bdb530bb8fc3437f2b77d16e571ae73309%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r869331422580d35b4e65bd74cf3090298c4651bf4f31bfb19ae769da%40%3Cissues.solr.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r886b6d9a89b6fa0aafbf0a8f8f14351548d6c6f027886a3646dbd075%40%3Cissues.solr.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r8897a41f50d4eb19b268bde99328e943ba586f77779efa6de720c39f%40%3Ccommits.druid.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r890b8ec5203d70a59a6b1289420d46938d9029ed706aa724978789be%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r89fdd39965efb7c6d22bc21c286d203252cea476e1782724aca0748e%40%3Cuser.thrift.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r8dfbefcd606af6737b62461a45a9af9222040b62eab474ff2287cf75%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r90b4473950e26607ed77f3d70f120166f6a36a3f80888e4eeabcaf91%40%3Cissues.solr.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r93f23f74315e009f4fb68ef7fc794dceee42cf87fe6613814dcd8c70%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r950ced188d62320fdb84d9e2c6ba896328194952eff7430c4f55e4b0%40%3Cissues.hive.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r995b945cc8f6ec976d8c52d42ba931a688b45fb32cbdde715b6a816a%40%3Cuser.thrift.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r9b51e7c253cb0989b4c03ed9f4e5f0478e427473357209ccc4d08ebf%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r9ec75f690dd60fec8621ba992290962705d5b7f0d8fd0a42fab0ac9f%40%3Cissues.solr.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/ra3f7f06a1759c8e2985ed24ae2f5483393c744c1956d661adc873f2c%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/ra7371efd8363c1cd0f5331aafd359a808cf7277472b8616d7b392128%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/ra9f7c755790313e1adb95d29794043fb102029e803daf4212ae18063%40%3Cissues.solr.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/race178e9500ab8a5a6112667d27c48559150cadb60f2814bc67c40af%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rad635e16b300cf434280001ee6ecd2ed2c70987bf16eb862bfa86e02%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rada9d2244a66ede0be29afc5d5f178a209f9988db56b9b845d955741%40%3Ccommits.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rae95c2234b6644bfd666b2671a1b42a09f38514d0f27cca3c7d5d55a%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/raea1bb8cf2eb39c5e10543f547bdbbdbb563c2ac6377652f161d4e37%40%3Ccommits.druid.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rb3574bc1036b577b265be510e6b208f0a5d5d84cd7198347dc8482df%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rb44ec04e5a9b1f87fef97bb5f054010cbfaa3b8586472a3a38a16fca%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rb51977d392b01434b0b5df5c19b9ad5b6178cfea59e676c14f24c053%40%3Cissues.hive.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rb91c32194eb5006f0b0c8bcdbd512c13495a1b277d4d51d45687f036%40%3Cissues.solr.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rbc5cad06a46d23253a3c819229efedecfc05f89ef53f5fdde77a86d6%40%3Cuser.thrift.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rbfbb81e7fb5d5009caf25798f02f42a7bd064a316097303ba2f9ed76%40%3Ccommits.druid.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rc48ab5455bdece9a4afab53ca0f1e4f742d5baacb241323454a87b4e%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rc7a241e0af086b226ff9ccabc4a243d206f0f887037994bfd8fcaaeb%40%3Ccommits.druid.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rc7a79b08822337c68705f16ee7ddcfd352313b836e78a4b86c7a7e3d%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rc896ce7761999b088f3adabcb99dde2102b6a66130b8eec6c8265eab%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rcace846f74ea9e2af2f7c30cef0796724aa74089f109c8029b850163%40%3Cdev.hive.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rcae4c66f67e701db44d742156dee1f3e5e4e07ad7ce10c740a76b669%40%3Cissues.hive.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rcdf62ecd36e39e4ff9c61802eee4927ce9ecff1602eed1493977ef4c%40%3Cuser.thrift.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rd0734d91f16d5b050f0bcff78b4719300042a34fadf5e52d0edf898e%40%3Cissues.solr.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rd370fdb419652c5219409b315a6349b07a7e479bd3f151e9a5671774%40%3Ccommits.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rd49d53b146d94a7d3a135f6b505589655ffec24ea470e345d31351bb%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rd78cdd87d84499a404202f015f55935db3658bd0983ecec81e6b18c6%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rdc8e0f92d06decaee5db58de4ded16d80016a7db2240a8db17225c49%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rdcf00186c34d69826d9c6b1f010136c98b00a586136de0061f7d267e%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rf568168e7f83871969928c0379813da6d034485f8b20fa73884816d6%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rf603d25213cfff81d6727c259328846b366fd32a43107637527c9768%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rf65df763f630163a3f620887efec082080555cee1adb0b8eaf2c7ddb%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rf741d08c7e0ab1542c81ea718467422bd01159ed284796a36ad88311%40%3Cissues.hbase.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rf75979ae0ffd526f3afa935a8f0ee13c82808ea8b2bc0325eb9dcd90%40%3Ccommits.camel.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rfbb01bb85cdc2022f3b96bdc416dbfcb49a2855b3a340aa88b2e1de9%40%3Ccommits.druid.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202107-32"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com//security-alerts/cpujul2021.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpujan2022.html"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2021:5134", "cpe": "cpe:/a:redhat:jboss_fuse:7", "impact": "moderate", "package": "libthrift", "product_name": "Red Hat Fuse 7.10", "release_date": "2021-12-14T00:00:00Z"}, {"advisory": "RHSA-2021:2543", "cpe": "cpe:/a:redhat:jaeger:1.20::el8", "impact": "moderate", "package": "distributed-tracing/jaeger-agent-rhel8:1.20.4-18", "product_name": "Red Hat OpenShift Jaeger 1.20", "release_date": "2021-06-24T00:00:00Z"}, {"advisory": "RHSA-2021:2543", "cpe": "cpe:/a:redhat:jaeger:1.20::el8", "impact": "moderate", "package": "distributed-tracing/jaeger-all-in-one-rhel8:1.20.4-18", "product_name": "Red Hat OpenShift Jaeger 1.20", "release_date": "2021-06-24T00:00:00Z"}, {"advisory": "RHSA-2021:2543", "cpe": "cpe:/a:redhat:jaeger:1.20::el8", "impact": "moderate", "package": "distributed-tracing/jaeger-collector-rhel8:1.20.4-18", "product_name": "Red Hat OpenShift Jaeger 1.20", "release_date": "2021-06-24T00:00:00Z"}, {"advisory": "RHSA-2021:2543", "cpe": "cpe:/a:redhat:jaeger:1.20::el8", "impact": "moderate", "package": "distributed-tracing/jaeger-ingester-rhel8:1.20.4-17", "product_name": "Red Hat OpenShift Jaeger 1.20", "release_date": "2021-06-24T00:00:00Z"}, {"advisory": "RHSA-2021:2543", "cpe": "cpe:/a:redhat:jaeger:1.20::el8", "impact": "moderate", "package": "distributed-tracing/jaeger-query-rhel8:1.20.4-18", "product_name": "Red Hat OpenShift Jaeger 1.20", "release_date": "2021-06-24T00:00:00Z"}, {"advisory": "RHSA-2021:2543", "cpe": "cpe:/a:redhat:jaeger:1.20::el8", "impact": "moderate", "package": "distributed-tracing/jaeger-rhel8-operator:1.20.4-18", "product_name": "Red Hat OpenShift Jaeger 1.20", "release_date": "2021-06-24T00:00:00Z"}], "bugzilla": {"description": "libthrift: potential DoS when processing untrusted payloads", "id": "1928172", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928172"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-400", "details": ["In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large memory allocation, potentially leading to denial of service.", "A flaw was found in libthrift. Applications using Thrift would not show an error upon receiving messages declaring containers of sizes larger than the payload. This results in malicious RPC clients with the ability to send short messages which would result in a large memory allocation, potentially leading to denial of service. The highest threat from this vulnerability is to system availability."], "name": "CVE-2020-13949", "package_state": [{"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "config-policy-controller", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "endpoint-component-operator", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "endpoint-operator", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "governance-policy-spec-sync", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "governance-policy-status-sync", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "governance-policy-template-sync", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "hive", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "iam-policy-controller", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "multicloudhub-operator", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "multicloud-operators-application", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "multicloud-operators-channel", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "multicloud-operators-deployable", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "multicloud-operators-foundation", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "multicloud-operators-placementrule", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "multicloud-operators-subscription", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "rcm-controller", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "search-aggregator", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "search-collector", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "search-operator", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0", "fix_state": "Affected", "impact": "low", "package_name": "libthrift", "product_name": "Red Hat build of Quarkus"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:7", "fix_state": "Not affected", "package_name": "libthrift", "product_name": "Red Hat Decision Manager 7"}, {"cpe": "cpe:/a:redhat:integration:1", "fix_state": "Affected", "impact": "moderate", "package_name": "libthrift", "product_name": "Red Hat Integration Camel K"}, {"cpe": "cpe:/a:redhat:camel_quarkus:2", "fix_state": "Will not fix", "impact": "moderate", "package_name": "libthrift", "product_name": "Red Hat Integration Camel Quarkus"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:7", "fix_state": "Out of support scope", "impact": "moderate", "package_name": "libthrift", "product_name": "Red Hat JBoss Data Grid 7"}, {"cpe": "cpe:/a:redhat:jboss_data_virtualization:6", "fix_state": "Out of support scope", "package_name": "libthrift", "product_name": "Red Hat JBoss Data Virtualization 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7", "fix_state": "Will not fix", "impact": "moderate", "package_name": "libthrift", "product_name": "Red Hat JBoss Enterprise Application Platform 7"}, {"cpe": "cpe:/a:redhat:jbosseapxp", "fix_state": "Affected", "impact": "moderate", "package_name": "libthrift", "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack"}, {"cpe": "cpe:/a:redhat:jboss_fuse:6", "fix_state": "Out of support scope", "impact": "moderate", "package_name": "libthrift", "product_name": "Red Hat JBoss Fuse 6"}, {"cpe": "cpe:/a:redhat:jboss_operations_network:3", "fix_state": "Out of support scope", "package_name": "libthrift", "product_name": "Red Hat JBoss Operations Network 3"}, {"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0", "fix_state": "Affected", "impact": "moderate", "package_name": "libthrift", "product_name": "Red Hat OpenShift Application Runtimes"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Will not fix", "impact": "moderate", "package_name": "thrift", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "impact": "moderate", "package_name": "openshift4/cnf-tests-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "impact": "moderate", "package_name": "openshift4/compliance-rhel8-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "impact": "moderate", "package_name": "openshift4/file-integrity-rhel8-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "impact": "moderate", "package_name": "openshift4-wincw/windows-machine-config-rhel8-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Out of support scope", "impact": "moderate", "package_name": "thrift", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:assisted_installer:", "fix_state": "Not affected", "impact": "moderate", "package_name": "rhai-tech-preview/assisted-installer-agent-rhel8", "product_name": "Red Hat OpenShift Container Platform Assisted Installer"}, {"cpe": "cpe:/a:redhat:assisted_installer:", "fix_state": "Not affected", "impact": "moderate", "package_name": "rhai-tech-preview/assisted-installer-reporter-rhel8", "product_name": "Red Hat OpenShift Container Platform Assisted Installer"}, {"cpe": "cpe:/a:redhat:assisted_installer:", "fix_state": "Not affected", "impact": "moderate", "package_name": "rhai-tech-preview/assisted-installer-rhel8", "product_name": "Red Hat OpenShift Container Platform Assisted Installer"}, {"cpe": "cpe:/a:redhat:openstack:10", "fix_state": "Out of support scope", "package_name": "opendaylight", "product_name": "Red Hat OpenStack Platform 10 (Newton)"}, {"cpe": "cpe:/a:redhat:openstack:13", "fix_state": "Will not fix", "package_name": "opendaylight", "product_name": "Red Hat OpenStack Platform 13 (Queens)"}, {"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7", "fix_state": "Will not fix", "impact": "moderate", "package_name": "libthrift", "product_name": "Red Hat Single Sign-On 7"}, {"cpe": "cpe:/a:redhat:amq_streams:1", "fix_state": "Affected", "impact": "moderate", "package_name": "libthrift", "product_name": "streams for Apache Kafka"}], "public_date": "2021-02-11T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-13949\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-13949"], "statement": "* A vulnerable version of the libthrift library is delivered in listed OpenShift Container Platform (OCP) and OpenShift Jaeger (Jaeger) components, but the vulnerable code is not invoked, therefore these components are affected but with impact Moderate. \n* For Red Hat OpenStack, because the fix would require a substantial amount of development and OpenDaylight is deprecated in all future versions (RHOSP10 was in tech preview), no update will be provided at this time for the RHOSP libthrift package.", "threat_severity": "Important", "upstream_fix": "libthrift 0.14.0"}