AZL-41158

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-41158.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-41158

Upstream

CVE-2019-0205

Published

2019-10-29T19:15:15Z

Modified

2026-04-01T05:14:18.404415Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

CVE-2019-0205 affecting package influxdb for versions less than 2.7.3-4

Details

In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings.

References

https://nvd.nist.gov/vuln/detail/CVE-2019-0205

Affected packages

Azure Linux:3 / influxdb

Package

Name: influxdb
Purl: pkg:rpm/azure-linux/influxdb

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.7.3-4

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-41158.json"