CVE-2021-24028
First published: Wed Apr 14 2021(Updated: )
An invalid free in Thrift's table-based serialization can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2021.02.22.00.
Credit: cve-assign@fb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Facebook Thrift | <2021.02.22.00 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-24028?
CVE-2021-24028 is a vulnerability in Facebook Thrift's table-based serialization that can cause the application to crash or potentially result in code execution or other undesirable effects.
How severe is CVE-2021-24028?
CVE-2021-24028 has a severity level of critical with a CVSS score of 9.8.
Which software versions are affected by CVE-2021-24028?
CVE-2021-24028 affects Facebook Thrift versions prior to v2021.02.22.00.
How can I fix CVE-2021-24028?
To fix CVE-2021-24028, update your Facebook Thrift to version v2021.02.22.00 or later.
Where can I find more information about CVE-2021-24028?
You can find more information about CVE-2021-24028 in the following references: [GitHub Commit](https://github.com/facebook/fbthrift/commit/bfda1efa547dce11a38592820916db01b05b9339) and [Facebook Security Advisory](https://www.facebook.com/security/advisories/cve-2021-24028).
- collector/nvd-index
- vendor/facebook
- canonical/facebook thrift