VDB
RHSA-2020%3A0961
RHSA-2020%3A0961
PUBLISHED
CVSS 5.900000095367432 MEDIUM
In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings.
Risk Scores
CVSS 3.0
5.900000095367432
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Red Hat JBoss Enterprise Application Platform 7 |
Timeline
- Mar 24, 2020 CVE Published
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- May 14, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2020:0961 advisory
- https://access.redhat.com/security/updates/classification/#important advisory
- https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=7.3 advisory
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/ advisory
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/ advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1764607 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1764612 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1772008 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1807305 issue
- https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0961.json advisory
- https://access.redhat.com/security/cve/CVE-2019-0205 advisory
- https://www.cve.org/CVERecord?id=CVE-2019-0205 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2019-0205 advisory
- https://access.redhat.com/security/cve/CVE-2019-0210 advisory
- https://www.cve.org/CVERecord?id=CVE-2019-0210 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2019-0210 advisory
- https://access.redhat.com/security/cve/CVE-2019-14887 advisory
- https://www.cve.org/CVERecord?id=CVE-2019-14887 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2019-14887 advisory
- https://access.redhat.com/security/cve/CVE-2020-1745 advisory
…and 5 more