Risk Scores
EPSS Score
0.55%
67.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | Apache Thrift | Apache Thrift 0.9.3 to 0.13.0 |
Timeline
- Jan 7, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 10, 2021 CVE Updated
- Jun 22, 2021 EPSS Score
- Jun 28, 2021 PoC Published
- Aug 23, 2021 EPSS Score
- Dec 11, 2021 PoC Published
- Dec 13, 2021 PoC Published
- Dec 18, 2021 PoC Published
- Dec 25, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 25, 2022 EPSS Score
References
- https://www.ibm.com/support/pages/node/6596145 advisory
- https://www.ibm.com/support/pages/node/6596155 advisory
- https://www.ibm.com/support/pages/node/6596085 advisory
- https://www.ibm.com/support/pages/node/6572497 advisory
- https://lists.apache.org/thread.html/r43dc2b2e928e9d845b07ac075634cb759d91bb852421dc282f87a74a%40%3Cdev.thrift.apache.org%3E url
- [hbase-issues] 20210215 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 mailing-list
- [hbase-issues] 20210215 [GitHub] [hbase] pankaj72981 opened a new pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 mailing-list
- [hbase-issues] 20210215 [jira] [Work started] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949 mailing-list
- [hbase-issues] 20210215 [GitHub] [hbase] pankaj72981 commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 mailing-list
- [hbase-issues] 20210215 [GitHub] [hbase] pankaj72981 edited a comment on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 mailing-list
- [hbase-issues] 20210215 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949 mailing-list
- [hbase-issues] 20210215 [GitHub] [hbase] apurtell commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 mailing-list
- [hbase-issues] 20210215 [GitHub] [hbase] apurtell edited a comment on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 mailing-list
- [hbase-issues] 20210216 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949 mailing-list
- [thrift-user] 20210217 Apache Thrift 0.14.0 Release not on Maven central mailing-list
- [thrift-user] 20210224 Re: [SECURITY] CVE-2020-13949 Announcement mailing-list
- [hbase-issues] 20210301 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 mailing-list
- [hbase-issues] 20210302 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 mailing-list
- [hbase-issues] 20210302 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949 mailing-list
- [hbase-issues] 20210302 [jira] [Updated] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949 mailing-list
…and 92 more