=====================================================================
CERT-Renater Information Note No. 2026/VULN434
_____________________________________________________________________

DATE : 28/04/2026
HARDWARE PLATFORM(S): /
OPERATING SYSTEM(S): Systems running Apache Thrift versions prior to 0.23.0.
=====================================================================

https://lists.apache.org/thread/sbtmh53rpfrghkg2x2ooh312t2rn87q2
https://lists.apache.org/thread/xsk66gpygv9wl1c6dt7yn77qwn2qn2md
https://lists.apache.org/thread/z4vwqts9qnkkcbdxj6xh94wl2tbkpp26
https://lists.apache.org/thread/d72c9k5j8kt8q520ttpxgc7h9frpth0g
https://lists.apache.org/thread/f6hrckhpszwoj6dg552tv5o9wgq3v7gl
https://lists.apache.org/thread/nof3c6jqpwx3djsphrlktbojr6s1kvzz
https://lists.apache.org/thread/f9gk28507lfrxdr25hspfjb4nbmbnsdx
https://lists.apache.org/thread/rqwwg7nwcotkbrl2tqdzzqyhoo1ffjk1
_____________________________________________________________________

CVE-2026-41603: Apache Thrift: Java TSSLTransportFactory hostname verification

Severity: critical

Affected versions:
- Apache Thrift before 0.23.0

Description:
Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift.
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, which fixes the issue.

References:
https://thrift.apache.org/
https://www.cve.org/CVERecord?id=CVE-2026-41603
_____________________________________________________________________

CVE-2026-41607: Apache Thrift: C++ JSON OOB read

Severity: important

Affected versions:
- Apache Thrift before 0.23.0

Description:
Out-of-bounds Read vulnerability in Apache Thrift.
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, which fixes the issue.

Credit:
Hasnain Lakhani (finder)

References:
https://thrift.apache.org/
https://www.cve.org/CVERecord?id=CVE-2026-41607
_____________________________________________________________________

CVE-2026-41606: Apache Thrift: c_glib dispatch stack overflow

Severity: important

Affected versions:
- Apache Thrift before 0.23.0

Description:
Uncontrolled Recursion vulnerability in Apache Thrift.
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, which fixes the issue.

Credit:
Hasnain Lakhani (finder)

References:
https://thrift.apache.org/
https://www.cve.org/CVERecord?id=CVE-2026-41606
_____________________________________________________________________

CVE-2026-41605: Apache Thrift: Swift Compact Protocol integer overflow

Severity: important

Affected versions:
- Apache Thrift before 0.23.0

Description:
Integer Overflow or Wraparound vulnerability in Apache Thrift.
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, which fixes the issue.

Credit:
Hasnain Lakhani (finder)

References:
https://thrift.apache.org/
https://www.cve.org/CVERecord?id=CVE-2026-41605
_____________________________________________________________________

CVE-2026-41602: Apache Thrift: Go TFramedTransport uint32 overflow

Severity: important

Affected versions:
- Apache Thrift before 0.23.0

Description:
Integer Overflow or Wraparound vulnerability in the Apache Thrift TFramedTransport Go language implementation.
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, which fixes the issue.

Credit:
김범수 (finder)

References:
https://thrift.apache.org/
https://www.cve.org/CVERecord?id=CVE-2026-41602
_____________________________________________________________________

CVE-2025-48431: Apache Thrift glibc language bindings: Specially crafted input can crash a c_glib Thrift server with invalid pointer error.

Severity: important

Affected versions:
- Apache Thrift glibc language bindings before 0.23.0

Description:
Mismatched Memory Management Routines vulnerability in Apache Thrift c_glib language bindings.
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, which fixes the issue.

Description:
Specially crafted requests can crash a c_glib-based Thrift server with a clean but fatal "free(): invalid pointer" error message.

Credit:
Hasnain Lakhani (finder)
Hasnain Lakhani (remediation developer)

References:
https://thrift.apache.org/
https://www.cve.org/CVERecord?id=CVE-2025-48431
_____________________________________________________________________

CVE-2026-41636: Apache Thrift: Node.js skip() recursion

Severity:

Affected versions:
- Apache Thrift before 0.23.0

Description:
Uncontrolled Recursion vulnerability in Apache Thrift Node.js bindings.
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, which fixes the issue.

Credit:
박시온 (L3G4CY Security Research) (finder)

References:
https://thrift.apache.org/
https://www.cve.org/CVERecord?id=CVE-2026-41636
_____________________________________________________________________

CVE-2026-41604: Apache Thrift: Swift Range crash in skip()

Severity: moderate

Affected versions:
- Apache Thrift before 0.23.0

Description:
Out-of-bounds Read vulnerability in Apache Thrift.
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, which fixes the issue.

Credit:
Hasnain Lakhani (finder)

References:
https://thrift.apache.org/
https://www.cve.org/CVERecord?id=CVE-2026-41604

=========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44          +
+ 23/25 Rue Daviel      | fax : 01-53-94-20-41          +
+ 75013 Paris           | email: cert@support.renater.fr +
=========================================================
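The CVE-2026-41602 entry above concerns integer overflow in the frame-length handling of the Go TFramedTransport. The reader below is an added illustration of the defensive check that class of bug calls for; it is not code from Apache Thrift and not the project's actual fix, and MaxFrameSize is an assumed cap chosen for the example. The 4-byte length prefix is validated as a uint32, against both the configured maximum and the platform's int range, before it is converted to int or used to allocate.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
	"io"
	"math"
)

// MaxFrameSize is an illustrative cap chosen for this example (an assumption,
// not a value taken from Apache Thrift).
const MaxFrameSize uint32 = 16 * 1024 * 1024

var ErrFrameTooLarge = errors.New("framed transport: announced frame length exceeds maximum")

// ReadFrame reads one length-prefixed frame: a 4-byte big-endian length followed
// by that many payload bytes. The length is checked while still a uint32, before
// any conversion to int and before any allocation, so an oversized or wrapping
// value is rejected instead of driving a huge or negative-sized buffer.
func ReadFrame(r io.Reader, maxFrameSize uint32) ([]byte, error) {
	var hdr [4]byte
	if _, err := io.ReadFull(r, hdr[:]); err != nil {
		return nil, fmt.Errorf("framed transport: reading header: %w", err)
	}
	size := binary.BigEndian.Uint32(hdr[:])
	// Compare in unsigned space: on a 32-bit platform int(size) would wrap to
	// a negative value for any size >= 2^31, so the int range is checked too.
	if size > maxFrameSize || uint64(size) > uint64(math.MaxInt) {
		return nil, fmt.Errorf("%w: %d bytes (limit %d)", ErrFrameTooLarge, size, maxFrameSize)
	}
	payload := make([]byte, int(size))
	if _, err := io.ReadFull(r, payload); err != nil {
		// A truncated frame is a protocol error, not a silent short read.
		return nil, fmt.Errorf("framed transport: reading %d-byte payload: %w", size, err)
	}
	return payload, nil
}

// EncodeFrame builds a well-formed frame from constructed sample data so the
// reader can be exercised offline.
func EncodeFrame(payload []byte) []byte {
	out := make([]byte, 4+len(payload))
	binary.BigEndian.PutUint32(out, uint32(len(payload)))
	copy(out[4:], payload)
	return out
}
```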