PT-2026-36985 · Apache · Apache Thrift
Jens Geyer
·
Published
2026-05-05
·
Updated
2026-05-20
·
CVE-2026-43869
CVSS v3.1
7.3
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Apache Thrift versions prior to 0.23.0
Description
Improper validation of certificates with host mismatch occurs in Apache Thrift.
Recommendations
Upgrade to version 0.23.0.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apache Thrift