CVE-2015-1774 A security vulnerability was discovered in the Apache Thrift client libraries, CVE-2015-3254. It was determined that in some cases a remote user could cause unlimited recursion when the skip() function was called within the server. This has being addressed in the Apache Thrift 0.9.3 release and was tracked in THRIFT-3231 [2].
Vendor: The Apache Software Foundation Versions Affected: All Apache Thrift versions 0.9.2 and older may be affected Mitigation: Upgrading to the latest 0.9.3 release -Jake Farrell [1]: CVE-2015-3254 [2]: https://issues.apache.org/jira/browse/THRIFT-3231