{"url":"http://public2.vulnerablecode.io/api/packages/105315?format=json","purl":"pkg:deb/debian/thrift@0.13.0-6?distro=trixie","type":"deb","namespace":"debian","name":"thrift","version":"0.13.0-6","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"0.11.0-3","latest_non_vulnerable_version":"0.23.0-3","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/28618?format=json","vulnerability_id":"VCID-3gjw-cdbj-f3d4","summary":"","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41636","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41636"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql","reference_id":"lb4j0zyd5f3g36cos0wql925przpnwql","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T12:15:08Z/"}],"url":"https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105316?format=json","purl":"pkg:deb/debian/thrift@0.23.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.23.0-3%3Fdistro=trixie"}],"aliases":["CVE-2026-41636"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3gjw-cdbj-f3d4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65476?format=json","vulnerability_id":"VCID-3uzj-42jd-b3gh","summary":"Origin Validation Error, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting'), Uncontrolled Resource Consumption vulnerability in Apache Thrift.\n\nThis issue affects Apache Thrift: before 0.23.0.\n\nUsers are recommended to upgrade to version 0.23.0, which fixes the issue.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43870","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43870"},{"reference_url":"https://lists.apache.org/thread/pgtfq44ltc9t63kxcbqmwqzt45pnhqdy","reference_id":"pgtfq44ltc9t63kxcbqmwqzt45pnhqdy","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-06T13:32:26Z/"}],"url":"https://lists.apache.org/thread/pgtfq44ltc9t63kxcbqmwqzt45pnhqdy"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105316?format=json","purl":"pkg:deb/debian/thrift@0.23.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.23.0-3%3Fdistro=trixie"}],"aliases":["CVE-2026-43870"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3uzj-42jd-b3gh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/211374?format=json","vulnerability_id":"VCID-5vca-4sep-y3h6","summary":"Mismatched Memory Management Routines vulnerability in Apache Thrift c_glib language bindings.  This issue affects Apache Thrift: before 0.23.0.  Users are recommended to upgrade to version 0.23.0, which fixes the issue.  Description: Specially crafted requests can crash an c_glib-based Thrift server with a clean but fatal \"free(): invalid pointer\" error message.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48431","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48431"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135348","reference_id":"1135348","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135348"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105316?format=json","purl":"pkg:deb/debian/thrift@0.23.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.23.0-3%3Fdistro=trixie"}],"aliases":["CVE-2025-48431"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5vca-4sep-y3h6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65537?format=json","vulnerability_id":"VCID-8vu1-gxmu-aqhh","summary":"Memory Allocation with Excessive Size Value vulnerability in Apache Thrift.\n\nThis issue affects Apache Thrift: before 0.23.0.\n\nUsers are recommended to upgrade to version 0.23.0, which fixes the issue.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43868","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43868"},{"reference_url":"https://lists.apache.org/thread/zj76dtwnbbs1m7z3focf4wd51pqpsmn9","reference_id":"zj76dtwnbbs1m7z3focf4wd51pqpsmn9","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-05T19:14:59Z/"}],"url":"https://lists.apache.org/thread/zj76dtwnbbs1m7z3focf4wd51pqpsmn9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105316?format=json","purl":"pkg:deb/debian/thrift@0.23.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.23.0-3%3Fdistro=trixie"}],"aliases":["CVE-2026-43868"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8vu1-gxmu-aqhh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/28614?format=json","vulnerability_id":"VCID-96d3-5ap5-47af","summary":"","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41604","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41604"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105316?format=json","purl":"pkg:deb/debian/thrift@0.23.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.23.0-3%3Fdistro=trixie"}],"aliases":["CVE-2026-41604"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-96d3-5ap5-47af"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/28612?format=json","vulnerability_id":"VCID-dq8c-utx4-zyb3","summary":"","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41602"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135348","reference_id":"1135348","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135348"},{"reference_url":"https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql","reference_id":"lb4j0zyd5f3g36cos0wql925przpnwql","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T14:09:11Z/"}],"url":"https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105316?format=json","purl":"pkg:deb/debian/thrift@0.23.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.23.0-3%3Fdistro=trixie"}],"aliases":["CVE-2026-41602"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dq8c-utx4-zyb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/28613?format=json","vulnerability_id":"VCID-jv9h-pnx8-7fh2","summary":"","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41603"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135348","reference_id":"1135348","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135348"},{"reference_url":"https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql","reference_id":"lb4j0zyd5f3g36cos0wql925przpnwql","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-28T14:13:58Z/"}],"url":"https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105316?format=json","purl":"pkg:deb/debian/thrift@0.23.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.23.0-3%3Fdistro=trixie"}],"aliases":["CVE-2026-41603"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jv9h-pnx8-7fh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7725?format=json","vulnerability_id":"VCID-jy47-fqk7-qkcp","summary":"","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13949"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988949","reference_id":"988949","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988949"},{"reference_url":"https://security.archlinux.org/ASA-202102-43","reference_id":"ASA-202102-43","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202102-43"},{"reference_url":"https://security.archlinux.org/AVG-1568","reference_id":"AVG-1568","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1568"},{"reference_url":"https://security.gentoo.org/glsa/202107-32","reference_id":"GLSA-202107-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202107-32"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105320?format=json","purl":"pkg:deb/debian/thrift@0.16.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.16.0-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105313?format=json","purl":"pkg:deb/debian/thrift@0.17.0-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gjw-cdbj-f3d4"},{"vulnerability":"VCID-3uzj-42jd-b3gh"},{"vulnerability":"VCID-5vca-4sep-y3h6"},{"vulnerability":"VCID-8vu1-gxmu-aqhh"},{"vulnerability":"VCID-96d3-5ap5-47af"},{"vulnerability":"VCID-dq8c-utx4-zyb3"},{"vulnerability":"VCID-jv9h-pnx8-7fh2"},{"vulnerability":"VCID-p3ye-a1ry-vbbr"},{"vulnerability":"VCID-t18m-8uzd-6bh1"},{"vulnerability":"VCID-tspx-j4pw-gffg"},{"vulnerability":"VCID-zmdk-juzp-cfe6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.17.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105317?format=json","purl":"pkg:deb/debian/thrift@0.19.0-4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gjw-cdbj-f3d4"},{"vulnerability":"VCID-3uzj-42jd-b3gh"},{"vulnerability":"VCID-5vca-4sep-y3h6"},{"vulnerability":"VCID-8vu1-gxmu-aqhh"},{"vulnerability":"VCID-96d3-5ap5-47af"},{"vulnerability":"VCID-dq8c-utx4-zyb3"},{"vulnerability":"VCID-jv9h-pnx8-7fh2"},{"vulnerability":"VCID-p3ye-a1ry-vbbr"},{"vulnerability":"VCID-t18m-8uzd-6bh1"},{"vulnerability":"VCID-tspx-j4pw-gffg"},{"vulnerability":"VCID-zmdk-juzp-cfe6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.19.0-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105316?format=json","purl":"pkg:deb/debian/thrift@0.23.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.23.0-3%3Fdistro=trixie"}],"aliases":["CVE-2020-13949"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jy47-fqk7-qkcp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65507?format=json","vulnerability_id":"VCID-p3ye-a1ry-vbbr","summary":"Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift.\n\nThis issue affects Apache Thrift: before 0.23.0.\n\nUsers are recommended to upgrade to version 0.23.0, which fixes the issue.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43869","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43869"},{"reference_url":"https://lists.apache.org/thread/3hsgl1b69wzq3ry39scqbv2dhyl3j52r","reference_id":"3hsgl1b69wzq3ry39scqbv2dhyl3j52r","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-06T13:01:36Z/"}],"url":"https://lists.apache.org/thread/3hsgl1b69wzq3ry39scqbv2dhyl3j52r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105316?format=json","purl":"pkg:deb/debian/thrift@0.23.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.23.0-3%3Fdistro=trixie"}],"aliases":["CVE-2026-43869"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p3ye-a1ry-vbbr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/28616?format=json","vulnerability_id":"VCID-t18m-8uzd-6bh1","summary":"","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41606","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41606"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135348","reference_id":"1135348","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135348"},{"reference_url":"https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql","reference_id":"lb4j0zyd5f3g36cos0wql925przpnwql","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T14:25:44Z/"}],"url":"https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105316?format=json","purl":"pkg:deb/debian/thrift@0.23.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.23.0-3%3Fdistro=trixie"}],"aliases":["CVE-2026-41606"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t18m-8uzd-6bh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/28615?format=json","vulnerability_id":"VCID-tspx-j4pw-gffg","summary":"","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41605","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41605"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql","reference_id":"lb4j0zyd5f3g36cos0wql925przpnwql","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T14:27:07Z/"}],"url":"https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105316?format=json","purl":"pkg:deb/debian/thrift@0.23.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.23.0-3%3Fdistro=trixie"}],"aliases":["CVE-2026-41605"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tspx-j4pw-gffg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/28617?format=json","vulnerability_id":"VCID-zmdk-juzp-cfe6","summary":"","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41607","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41607"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135348","reference_id":"1135348","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135348"},{"reference_url":"https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql","reference_id":"lb4j0zyd5f3g36cos0wql925przpnwql","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T14:24:06Z/"}],"url":"https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105316?format=json","purl":"pkg:deb/debian/thrift@0.23.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.23.0-3%3Fdistro=trixie"}],"aliases":["CVE-2026-41607"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zmdk-juzp-cfe6"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5906?format=json","vulnerability_id":"VCID-nqk6-frt7-skam","summary":"","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0205","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0205"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202107-32","reference_id":"GLSA-202107-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202107-32"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105319?format=json","purl":"pkg:deb/debian/thrift@0.13.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.13.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105315?format=json","purl":"pkg:deb/debian/thrift@0.13.0-6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gjw-cdbj-f3d4"},{"vulnerability":"VCID-3uzj-42jd-b3gh"},{"vulnerability":"VCID-5vca-4sep-y3h6"},{"vulnerability":"VCID-8vu1-gxmu-aqhh"},{"vulnerability":"VCID-96d3-5ap5-47af"},{"vulnerability":"VCID-dq8c-utx4-zyb3"},{"vulnerability":"VCID-jv9h-pnx8-7fh2"},{"vulnerability":"VCID-jy47-fqk7-qkcp"},{"vulnerability":"VCID-p3ye-a1ry-vbbr"},{"vulnerability":"VCID-t18m-8uzd-6bh1"},{"vulnerability":"VCID-tspx-j4pw-gffg"},{"vulnerability":"VCID-zmdk-juzp-cfe6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.13.0-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105313?format=json","purl":"pkg:deb/debian/thrift@0.17.0-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gjw-cdbj-f3d4"},{"vulnerability":"VCID-3uzj-42jd-b3gh"},{"vulnerability":"VCID-5vca-4sep-y3h6"},{"vulnerability":"VCID-8vu1-gxmu-aqhh"},{"vulnerability":"VCID-96d3-5ap5-47af"},{"vulnerability":"VCID-dq8c-utx4-zyb3"},{"vulnerability":"VCID-jv9h-pnx8-7fh2"},{"vulnerability":"VCID-p3ye-a1ry-vbbr"},{"vulnerability":"VCID-t18m-8uzd-6bh1"},{"vulnerability":"VCID-tspx-j4pw-gffg"},{"vulnerability":"VCID-zmdk-juzp-cfe6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.17.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105317?format=json","purl":"pkg:deb/debian/thrift@0.19.0-4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gjw-cdbj-f3d4"},{"vulnerability":"VCID-3uzj-42jd-b3gh"},{"vulnerability":"VCID-5vca-4sep-y3h6"},{"vulnerability":"VCID-8vu1-gxmu-aqhh"},{"vulnerability":"VCID-96d3-5ap5-47af"},{"vulnerability":"VCID-dq8c-utx4-zyb3"},{"vulnerability":"VCID-jv9h-pnx8-7fh2"},{"vulnerability":"VCID-p3ye-a1ry-vbbr"},{"vulnerability":"VCID-t18m-8uzd-6bh1"},{"vulnerability":"VCID-tspx-j4pw-gffg"},{"vulnerability":"VCID-zmdk-juzp-cfe6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.19.0-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105316?format=json","purl":"pkg:deb/debian/thrift@0.23.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.23.0-3%3Fdistro=trixie"}],"aliases":["CVE-2019-0205"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nqk6-frt7-skam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/202869?format=json","vulnerability_id":"VCID-nxfw-mguk-vfg1","summary":"Apache Thrift Node.js static web server sandbox escape","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3140","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11798"},{"reference_url":"https://github.com/apache/thrift/commit/2a2b72f6c8aef200ecee4984f011e06052288ff2","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/thrift/commit/2a2b72f6c8aef200ecee4984f011e06052288ff2"},{"reference_url":"https://github.com/apache/thrift/pull/1606","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/thrift/pull/1606"},{"reference_url":"https://issues.apache.org/jira/browse/THRIFT-4647","reference_id":"","reference_type":"","scores":[],"url":"https://issues.apache.org/jira/browse/THRIFT-4647"},{"reference_url":"https://lists.apache.org/thread.html/6e9edd282684896cedf615fb67a02bebfe6007f2d5baf03ba52e34fd@%3Cuser.thrift.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/6e9edd282684896cedf615fb67a02bebfe6007f2d5baf03ba52e34fd@%3Cuser.thrift.apache.org%3E"},{"reference_url":"https://web.archive.org/web/20200227094236/http://www.securityfocus.com/bid/106501","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20200227094236/http://www.securityfocus.com/bid/106501"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918734","reference_id":"918734","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918734"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11798","reference_id":"CVE-2018-11798","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11798"},{"reference_url":"https://github.com/advisories/GHSA-vx85-mj8c-4qm6","reference_id":"GHSA-vx85-mj8c-4qm6","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vx85-mj8c-4qm6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105318?format=json","purl":"pkg:deb/debian/thrift@0.11.0-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.11.0-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105315?format=json","purl":"pkg:deb/debian/thrift@0.13.0-6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gjw-cdbj-f3d4"},{"vulnerability":"VCID-3uzj-42jd-b3gh"},{"vulnerability":"VCID-5vca-4sep-y3h6"},{"vulnerability":"VCID-8vu1-gxmu-aqhh"},{"vulnerability":"VCID-96d3-5ap5-47af"},{"vulnerability":"VCID-dq8c-utx4-zyb3"},{"vulnerability":"VCID-jv9h-pnx8-7fh2"},{"vulnerability":"VCID-jy47-fqk7-qkcp"},{"vulnerability":"VCID-p3ye-a1ry-vbbr"},{"vulnerability":"VCID-t18m-8uzd-6bh1"},{"vulnerability":"VCID-tspx-j4pw-gffg"},{"vulnerability":"VCID-zmdk-juzp-cfe6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.13.0-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105313?format=json","purl":"pkg:deb/debian/thrift@0.17.0-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gjw-cdbj-f3d4"},{"vulnerability":"VCID-3uzj-42jd-b3gh"},{"vulnerability":"VCID-5vca-4sep-y3h6"},{"vulnerability":"VCID-8vu1-gxmu-aqhh"},{"vulnerability":"VCID-96d3-5ap5-47af"},{"vulnerability":"VCID-dq8c-utx4-zyb3"},{"vulnerability":"VCID-jv9h-pnx8-7fh2"},{"vulnerability":"VCID-p3ye-a1ry-vbbr"},{"vulnerability":"VCID-t18m-8uzd-6bh1"},{"vulnerability":"VCID-tspx-j4pw-gffg"},{"vulnerability":"VCID-zmdk-juzp-cfe6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.17.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105317?format=json","purl":"pkg:deb/debian/thrift@0.19.0-4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gjw-cdbj-f3d4"},{"vulnerability":"VCID-3uzj-42jd-b3gh"},{"vulnerability":"VCID-5vca-4sep-y3h6"},{"vulnerability":"VCID-8vu1-gxmu-aqhh"},{"vulnerability":"VCID-96d3-5ap5-47af"},{"vulnerability":"VCID-dq8c-utx4-zyb3"},{"vulnerability":"VCID-jv9h-pnx8-7fh2"},{"vulnerability":"VCID-p3ye-a1ry-vbbr"},{"vulnerability":"VCID-t18m-8uzd-6bh1"},{"vulnerability":"VCID-tspx-j4pw-gffg"},{"vulnerability":"VCID-zmdk-juzp-cfe6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.19.0-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105316?format=json","purl":"pkg:deb/debian/thrift@0.23.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.23.0-3%3Fdistro=trixie"}],"aliases":["CVE-2018-11798","GHSA-vx85-mj8c-4qm6"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nxfw-mguk-vfg1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204470?format=json","vulnerability_id":"VCID-qgj8-gfmq-rubq","summary":"The Apache Thrift Go client library exposed the potential during code generation for command injection due to using an external formatting tool. Affected Apache Thrift 0.9.3 and older, Fixed in Apache Thrift 0.10.0.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5397","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5397"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105314?format=json","purl":"pkg:deb/debian/thrift@0.11.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.11.0-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105315?format=json","purl":"pkg:deb/debian/thrift@0.13.0-6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gjw-cdbj-f3d4"},{"vulnerability":"VCID-3uzj-42jd-b3gh"},{"vulnerability":"VCID-5vca-4sep-y3h6"},{"vulnerability":"VCID-8vu1-gxmu-aqhh"},{"vulnerability":"VCID-96d3-5ap5-47af"},{"vulnerability":"VCID-dq8c-utx4-zyb3"},{"vulnerability":"VCID-jv9h-pnx8-7fh2"},{"vulnerability":"VCID-jy47-fqk7-qkcp"},{"vulnerability":"VCID-p3ye-a1ry-vbbr"},{"vulnerability":"VCID-t18m-8uzd-6bh1"},{"vulnerability":"VCID-tspx-j4pw-gffg"},{"vulnerability":"VCID-zmdk-juzp-cfe6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.13.0-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105313?format=json","purl":"pkg:deb/debian/thrift@0.17.0-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gjw-cdbj-f3d4"},{"vulnerability":"VCID-3uzj-42jd-b3gh"},{"vulnerability":"VCID-5vca-4sep-y3h6"},{"vulnerability":"VCID-8vu1-gxmu-aqhh"},{"vulnerability":"VCID-96d3-5ap5-47af"},{"vulnerability":"VCID-dq8c-utx4-zyb3"},{"vulnerability":"VCID-jv9h-pnx8-7fh2"},{"vulnerability":"VCID-p3ye-a1ry-vbbr"},{"vulnerability":"VCID-t18m-8uzd-6bh1"},{"vulnerability":"VCID-tspx-j4pw-gffg"},{"vulnerability":"VCID-zmdk-juzp-cfe6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.17.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105317?format=json","purl":"pkg:deb/debian/thrift@0.19.0-4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gjw-cdbj-f3d4"},{"vulnerability":"VCID-3uzj-42jd-b3gh"},{"vulnerability":"VCID-5vca-4sep-y3h6"},{"vulnerability":"VCID-8vu1-gxmu-aqhh"},{"vulnerability":"VCID-96d3-5ap5-47af"},{"vulnerability":"VCID-dq8c-utx4-zyb3"},{"vulnerability":"VCID-jv9h-pnx8-7fh2"},{"vulnerability":"VCID-p3ye-a1ry-vbbr"},{"vulnerability":"VCID-t18m-8uzd-6bh1"},{"vulnerability":"VCID-tspx-j4pw-gffg"},{"vulnerability":"VCID-zmdk-juzp-cfe6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.19.0-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105316?format=json","purl":"pkg:deb/debian/thrift@0.23.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.23.0-3%3Fdistro=trixie"}],"aliases":["CVE-2016-5397"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qgj8-gfmq-rubq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5907?format=json","vulnerability_id":"VCID-tcas-wcd4-vueg","summary":"","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0210","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0210"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202107-32","reference_id":"GLSA-202107-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202107-32"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105319?format=json","purl":"pkg:deb/debian/thrift@0.13.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.13.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105315?format=json","purl":"pkg:deb/debian/thrift@0.13.0-6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gjw-cdbj-f3d4"},{"vulnerability":"VCID-3uzj-42jd-b3gh"},{"vulnerability":"VCID-5vca-4sep-y3h6"},{"vulnerability":"VCID-8vu1-gxmu-aqhh"},{"vulnerability":"VCID-96d3-5ap5-47af"},{"vulnerability":"VCID-dq8c-utx4-zyb3"},{"vulnerability":"VCID-jv9h-pnx8-7fh2"},{"vulnerability":"VCID-jy47-fqk7-qkcp"},{"vulnerability":"VCID-p3ye-a1ry-vbbr"},{"vulnerability":"VCID-t18m-8uzd-6bh1"},{"vulnerability":"VCID-tspx-j4pw-gffg"},{"vulnerability":"VCID-zmdk-juzp-cfe6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.13.0-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105313?format=json","purl":"pkg:deb/debian/thrift@0.17.0-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gjw-cdbj-f3d4"},{"vulnerability":"VCID-3uzj-42jd-b3gh"},{"vulnerability":"VCID-5vca-4sep-y3h6"},{"vulnerability":"VCID-8vu1-gxmu-aqhh"},{"vulnerability":"VCID-96d3-5ap5-47af"},{"vulnerability":"VCID-dq8c-utx4-zyb3"},{"vulnerability":"VCID-jv9h-pnx8-7fh2"},{"vulnerability":"VCID-p3ye-a1ry-vbbr"},{"vulnerability":"VCID-t18m-8uzd-6bh1"},{"vulnerability":"VCID-tspx-j4pw-gffg"},{"vulnerability":"VCID-zmdk-juzp-cfe6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.17.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105317?format=json","purl":"pkg:deb/debian/thrift@0.19.0-4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gjw-cdbj-f3d4"},{"vulnerability":"VCID-3uzj-42jd-b3gh"},{"vulnerability":"VCID-5vca-4sep-y3h6"},{"vulnerability":"VCID-8vu1-gxmu-aqhh"},{"vulnerability":"VCID-96d3-5ap5-47af"},{"vulnerability":"VCID-dq8c-utx4-zyb3"},{"vulnerability":"VCID-jv9h-pnx8-7fh2"},{"vulnerability":"VCID-p3ye-a1ry-vbbr"},{"vulnerability":"VCID-t18m-8uzd-6bh1"},{"vulnerability":"VCID-tspx-j4pw-gffg"},{"vulnerability":"VCID-zmdk-juzp-cfe6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.19.0-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105316?format=json","purl":"pkg:deb/debian/thrift@0.23.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.23.0-3%3Fdistro=trixie"}],"aliases":["CVE-2019-0210"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tcas-wcd4-vueg"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thrift@0.13.0-6%3Fdistro=trixie"}