Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.apache.thrift/libthrift@0.13.0
purl pkg:maven/org.apache.thrift/libthrift@0.13.0
Next non-vulnerable version 0.14.0
Latest non-vulnerable version 0.14.0
Risk 4.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-gkzd-prsr-gqc8
Aliases:
CVE-2020-13949
GHSA-g2fg-mr77-6vrm
Uncontrolled Resource Consumption in Apache Thrift In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large memory allocation, potentially leading to denial of service.
0.14.0
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-6r6v-dxqb-3fe1 Out-of-bounds read in Apache Thrift In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data. CVE-2019-0210
GHSA-jq7p-26h5-w78r
VCID-y1ca-jr94-kfb4 Multiple vulnerabilities have been found in Apache Thrift, the worst of which could result in a Denial of Service condition. CVE-2019-0205
GHSA-rj7p-rfgp-852x

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T21:17:24.883312+00:00 GitLab Importer Affected by VCID-gkzd-prsr-gqc8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.thrift/libthrift/CVE-2020-13949.yml 38.4.0
2026-04-16T20:58:20.445630+00:00 GitLab Importer Fixing VCID-6r6v-dxqb-3fe1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.thrift/libthrift/CVE-2019-0210.yml 38.4.0
2026-04-16T20:58:19.409580+00:00 GitLab Importer Fixing VCID-y1ca-jr94-kfb4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.thrift/libthrift/CVE-2019-0205.yml 38.4.0
2026-04-11T22:29:34.540612+00:00 GitLab Importer Affected by VCID-gkzd-prsr-gqc8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.thrift/libthrift/CVE-2020-13949.yml 38.3.0
2026-04-11T22:09:29.406115+00:00 GitLab Importer Fixing VCID-6r6v-dxqb-3fe1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.thrift/libthrift/CVE-2019-0210.yml 38.3.0
2026-04-11T22:09:28.240620+00:00 GitLab Importer Fixing VCID-y1ca-jr94-kfb4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.thrift/libthrift/CVE-2019-0205.yml 38.3.0
2026-04-04T14:32:18.131544+00:00 GHSA Importer Fixing VCID-y1ca-jr94-kfb4 https://github.com/advisories/GHSA-rj7p-rfgp-852x 38.1.0
2026-04-02T22:41:05.684597+00:00 GitLab Importer Affected by VCID-gkzd-prsr-gqc8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.thrift/libthrift/CVE-2020-13949.yml 38.1.0
2026-04-02T22:22:07.374607+00:00 GitLab Importer Fixing VCID-6r6v-dxqb-3fe1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.thrift/libthrift/CVE-2019-0210.yml 38.1.0
2026-04-02T22:22:06.290830+00:00 GitLab Importer Fixing VCID-y1ca-jr94-kfb4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.thrift/libthrift/CVE-2019-0205.yml 38.1.0
2026-04-01T16:58:35.173278+00:00 GitLab Importer Affected by VCID-gkzd-prsr-gqc8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.thrift/libthrift/CVE-2020-13949.yml 38.0.0
2026-04-01T16:39:53.408049+00:00 GitLab Importer Fixing VCID-6r6v-dxqb-3fe1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.thrift/libthrift/CVE-2019-0210.yml 38.0.0
2026-04-01T16:39:52.235280+00:00 GitLab Importer Fixing VCID-y1ca-jr94-kfb4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.thrift/libthrift/CVE-2019-0205.yml 38.0.0
2026-04-01T13:11:07.266207+00:00 GithubOSV Importer Fixing VCID-y1ca-jr94-kfb4 https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-rj7p-rfgp-852x/GHSA-rj7p-rfgp-852x.json 38.0.0