CVE-2023-30637

Published: Apr 13, 2023Modified: Feb 7, 2025

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Baidu braft 1.1.2 has a memory leak related to use of the new operator in example/atomic/atomic_server. NOTE: installations with brpc-0.14.0 and later are unaffected.

Affected (1)

Products: Baidu: Braft

Baidu

1 product

Braft

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Baidu Braft	Version 1.1.2

Related CWEs

CWE-401

Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (2)

https://github.com/baidu/braft/issues/393

Source: cve@mitre.org

ExploitIssue Tracking

https://github.com/baidu/braft/issues/393

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue Tracking

Timeline

No history available yet.