VDB
DEBIAN-CVE-2016-5397
DEBIAN-CVE-2016-5397
PUBLISHED
CVSS 8.800000190734863 HIGH
The Apache Thrift Go client library exposed the potential during code generation for command injection due to using an external formatting tool. Affected Apache Thrift 0.9.3 and older, Fixed in Apache Thrift 0.10.0.
Risk Scores
CVSS v3.0
8.800000190734863
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | thrift | 0, 0, 0 |
| Debian:11 | thrift | 0, 0, 0 |
| Debian:12 | thrift | 0, 0, 0 |
| Debian:13 | thrift | 0, 0, 0 |
Timeline
- Feb 12, 2018 CVE Published
- Apr 28, 2026 CVE Updated