OSV-2026-629

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/thrift-java/OSV-2026-629.yaml

JSON Data

https://api.test.osv.dev/v1/vulns/OSV-2026-629

Published

2026-04-26T00:19:19.237477Z

Modified

2026-04-28T14:30:59.134628Z

Summary

Security exception in org.apache.thrift.protocol.TProtocolUtil.skip

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=506318134

Crash type: Security exception
Crash state:
org.apache.thrift.protocol.TProtocolUtil.skip
org.apache.thrift.protocol.TCompactProtocol.readByte
org.apache.thrift.protocol.TCompactProtocol.readFieldBegin

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=506318134

Affected packages

OSS-Fuzz / thrift-java

Package

Name: thrift-java
Purl: pkg:generic/thrift-java

Affected ranges

Type: GIT
Repo: https://github.com/apache/thrift.git
Events: Introduced

4413220324d7694f8db128cd989822ff728df030

Fixed

4190558bdd2881cb048ce0531bd052dc5e4469e3

Affected versions

v0.*

v0.23.0

Ecosystem specific

{
    "severity": "LOW"
}

Database specific

introduced_range

"unknown:4413220324d7694f8db128cd989822ff728df030"

source

"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/thrift-java/OSV-2026-629.yaml"

fixed_range

"87a8695d02e6de654f6ea495ad5ec1f8da36e90e:4190558bdd2881cb048ce0531bd052dc5e4469e3"