CNNVD-202512-111 Information
Dec 01, 2025
cve
CNNVD ID
CNNVD-202512-111
Related CVE
- CNNVD Published: 2025-12-01
Description (Chinese)
Apache bRPC是美国阿帕奇(Apache)基金会的用于构建可靠和高性能服务的工业级 RPC 框架。 Apache bRPC 1.15.0之前版本存在安全漏洞,该漏洞源于json2pb组件递归不受控制,可能导致服务器崩溃。
Description (English)
Apache bRPC is the United States Apache Foundation ’ s industrial-grade RPC framework for building reliable and high-performance services. There was a security loophole in the pre-Apache bRPC 1.15.0 version, which stemmed from the uncontrolled reversion of json2pb components, which could lead to server collapse.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
阿帕奇
Published
2025-12-01
Last Modified
2026-02-24
References
https://lists.apache.org/thread/ozmcsztcpxn61jxod8jo8q46jo0oc1zx http://www.openwall.com/lists/oss-security/2025/12/01/1 https://access.redhat.com/security/cve/cve-2025-59789
Patch
https://brpc.apache.org/docs/downloadbrpc/
Share on: