漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
Java Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.12.09.00.
CVSS Information
N/A
Vulnerability Type
不加限制或调节的资源分配
Vulnerability Title
Facebook Thrift 安全漏洞
Vulnerability Description
Facebook Thrift是美国Facebook公司的Apache Thrift的一个分支,是一款用于服务通信的序列化和RPC框架。 Facebook Thrift v2019.12.09.00之前版本(Java)存在安全漏洞。攻击者可通过发送短消息利用该漏洞造成内存大量分配,导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A