Uploaded image for project: 'HBase'
  1. HBase
  2. HBASE-25568

Upgrade Thrift jar to fix CVE-2020-13949

    XMLWordPrintableJSON

Details

    Description

      There is potential DoS when processing untrusted Thrift payloads,
      https://seclists.org/oss-sec/2021/q1/140

      Attachments

        Issue Links

          relates to

          Task - A task that needs to be done. HBASE-25755 Exclude tomcat-embed-core from libthrift

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved
          links to

          Web Link GitHub Pull Request #2958

          Web Link GitHub Pull Request #3043

          Web Link GitHub Pull Request #3083

          Web Link GitHub Pull Request #3084

          Web Link GitHub Pull Request #3085

          Web Link GitHub Pull Request #3086

          Activity

            People

              pankajkumar Pankaj Kumar
              pankajkumar Pankaj Kumar
              Votes:
              0 Vote for this issue
              Watchers:
              10 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: