Apache Thrift Memory Allocation Vulnerability Prior to Version 0.23.0

Vulnerability

A memory allocation vulnerability that allows excessive size values has been identified in Apache Thrift, affecting versions prior to 0.23.0. This issue could lead to memory-related problems, such as denial-of-service conditions.

Impact

Exploitation of this vulnerability could cause memory allocation issues, potentially leading to denial-of-service conditions by exhausting available memory resources.

Remediation

Users are advised to upgrade to Apache Thrift version 0.23.0 or later, which addresses this vulnerability.

Added: May 5, 2026, 9:17 AM
Updated: May 5, 2026, 9:17 AM

Vulnerability Rating

Custom Algorithm

spread: 6.2
impact: 0.6
exploitability: 7.4
remediation: 7.7
relevance: 7.5
threat: 0.0
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.