Lucene search
PRIOn knowledge basePRION:CVE-2016-5397HistoryFeb 12, 2018 - 5:29 p.m.
Command injection
2018-02-1217:29:00
PRIOn knowledge base
www.prio-n.com
6
The Apache Thrift Go client library exposed the potential during code generation for command injection due to using an external formatting tool. Affected Apache Thrift 0.9.3 and older, Fixed in Apache Thrift 0.10.0.
References
mail-archives.apache.org/mod_mbox/thrift-user/201701.mbox/raw/%3CCANyrgvc3W%3DMJ9S-hMZecPNzxkyfgNmuSgVfW2hdDSz5ke%2BOPhQ%40mail.gmail.com%3E
www.securityfocus.com/bid/103025
access.redhat.com/errata/RHSA-2018:2669
access.redhat.com/errata/RHSA-2019:3140
issues.apache.org/jira/browse/THRIFT-3893
lists.apache.org/thread.html/r4d3f1d3e333d9c2b2f6e6ae8ed8750d4de03410ac294bcd12c7eefa3%40%3Ccommits.cassandra.apache.org%3E
Related
ubuntucve
ubuntucve
CVE-2016-5397
2018-02-12 00:00:00
cvelist
cvelist
CVE-2016-5397
2017-01-13 00:00:00
nvd
nvd
CVE-2016-5397
2018-02-12 17:29:00
github
github
Apache Thrift Go Library Command Injection
2022-05-13 01:25:56
cve
cve
CVE-2016-5397
2018-02-12 17:29:00
osv
osv
Apache Thrift Go Library Command Injection
2022-05-13 01:25:56
CVE-2016-5397
2018-02-12 17:29:00
redhatcve
redhatcve
CVE-2016-5397
2018-02-13 04:49:25
veracode
veracode
Remote Code Execution (RCE)
2018-05-15 05:18:27
debiancve
debiancve
CVE-2016-5397
2018-02-12 17:29:00
ibm
ibm
redhat
redhat
(RHSA-2019:3140) Important: Red Hat JBoss Data Virtualization 6.4.8 security update
2019-10-17 14:53:06
(RHSA-2018:2669) Important: Fuse 7.1 security update
2018-09-11 07:52:48