CVE-2026-43868: Apache Thrift: Rust implementation vulnerable to CVE-2020-13949 pattern

Jens Geyer Mon, 04 May 2026 16:42:32 -0700

Severity: important 

Affected versions:


- Apache Thrift before 0.23.0

Description:

Memory Allocation with Excessive Size Value vulnerability in Apache Thrift.

This issue affects Apache Thrift: before 0.23.0.

Users are recommended to upgrade to version 0.23.0, which fixes the issue.

References:

https://thrift.apache.org/
https://www.cve.org/CVERecord?id=CVE-2026-43868

CVE-2026-43868: Apache Thrift: Rust implementation vulnerable to CVE-2020-13949 pattern

Reply via email to