CVE-2023-30637

HIGH

Baidu Braft - Memory Leak

Title source: rule

Description

Baidu braft 1.1.2 has a memory leak related to use of the new operator in example/atomic/atomic_server. NOTE: installations with brpc-0.14.0 and later are unaffected.

References (1)

[Exploit, Issue Tracking] https://github.com/baidu/braft/issues/393

Scores

CVSS v3 7.5

EPSS 0.0008

EPSS Percentile 24.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-401

Status published

Affected Products (1)

baidu/braft

Timeline

Published Apr 13, 2023

Tracked Since Feb 18, 2026