The client libraries in Apache Thrift before 0.9.3 might allow remote authenticated users to cause a denial of service (infinite recursion) via vectors involving the skip function.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 9 | all | thrift-compiler | < 0.9.1-2.1 | thrift-compiler_0.9.1-2.1_all.deb |