Brpc@* Security Vulnerabilities and Issues — Brpc@* CVE List

Lucene search

ApacheBrpc*

3 matches found

CVE•added 2024/02/08 9:15 a.m.•223 views

CVE-2024-23452

Request smuggling vulnerability in HTTP server in Apache bRPC 0.9.5~1.7.0 on all platforms allows attacker to smuggle request. Vulnerability Cause Description： The http_parser does not comply with the RFC-7230 HTTP 1.1 specification. Attack scenario:If a message is received with both a Transfer-Enc...

7.5CVSS7.5AI score0.00235EPSS

CVE•added 2023/05/08 9:15 a.m.•67 views

CVE-2023-31039

Security vulnerability in Apache bRPC = 1.5.0, download link: https://dist.apache.org/repos/dist/release/brpc/1.5.0/ https://dist.apache.org/repos/dist/release/brpc/1.5.0/ If you are using an old version of bRPC and hard to upgrade, you can apply this patch: https://github.com/apache/brpc/pull/2218...

9.8CVSS9.8AI score0.00323EPSS

CVE•added 2023/10/16 9:15 a.m.•54 views

CVE-2023-45757

Security vulnerability in Apache bRPC 1.6.0, download link: https://dist.apache.org/repos/dist/release/brpc/1.6.1/ If you are using an old version of bRPC and hard to upgrade, you can apply this patch: https://github.com/apache/brpc/pull/2411 disable rpcz feature

6.1CVSS6.2AI score0.03819EPSS