apache thrift is vulnerable to directory traversal attack. The attack is possible via the set webservers docroot path which was not handled properly.
CPE | Name | Operator | Version |
---|---|---|---|
thrift | le | 0.11.0 | |
thrift | le | 0.11.0 | |
github.com/apache/thrift | eq | HEAD | |
github.com/apache/thrift | le | 0.11.0 | |
git.apache.org/thrift.git | le | 0.11.0 |