CNNVD-202508-1503 Information

CNNVD ID

CNNVD-202508-1503

Related CVE

CVE-2025-54472

• CNNVD Published: 2025-08-14

Description (Chinese)

Apache bRPC是美国阿帕奇（Apache）基金会的用于构建可靠和高性能服务的工业级 RPC 框架。 Apache bRPC 1.14.1之前版本存在安全漏洞，该漏洞源于Redis协议解析器内存分配不当，可能导致拒绝服务。

Description (English)

Apache bRPC is the United States Apache Foundation ’ s industrial-grade RPC framework for building reliable and high-performance services. There was a security loophole in the pre-Apache bRPC 1.14.1 version, which stemmed from the inappropriate distribution of Redis protocol resolvers ’ memory, which could lead to the denial of services.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

阿帕奇

Published

2025-08-14

Last Modified

2026-02-24

References

https://lists.apache.org/thread/r3xsy3wvs4kmfhc281173k5b6ll1xt2m https://nvd.nist.gov/vuln/detail/CVE-2025-54472

Patch

https://brpc.apache.org/docs/downloadbrpc/