Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2025-48431

Mismatched Memory Management Routines vulnerability in Apache Thrift c_glib language bindings. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue. Description: Specially crafted requests can crash an c_glib-based Thrift server with a clean but fatal "free(): invalid pointer" error message.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.4%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2025-48431
  • Apache » Thrift » Version: 0.10.0
    cpe:2.3:a:apache:thrift:0.10.0
  • Apache » Thrift » Version: 0.11.0
    cpe:2.3:a:apache:thrift:0.11.0
  • Apache » Thrift » Version: 0.12.0
    cpe:2.3:a:apache:thrift:0.12.0
  • Apache » Thrift » Version: 0.13.0
    cpe:2.3:a:apache:thrift:0.13.0
  • Apache » Thrift » Version: 0.2.0
    cpe:2.3:a:apache:thrift:0.2.0
  • Apache » Thrift » Version: 0.3.0
    cpe:2.3:a:apache:thrift:0.3.0
  • Apache » Thrift » Version: 0.4.0
    cpe:2.3:a:apache:thrift:0.4.0
  • Apache » Thrift » Version: 0.5.0
    cpe:2.3:a:apache:thrift:0.5.0
  • Apache » Thrift » Version: 0.6.0
    cpe:2.3:a:apache:thrift:0.6.0
  • Apache » Thrift » Version: 0.6.1
    cpe:2.3:a:apache:thrift:0.6.1
  • Apache » Thrift » Version: 0.7.0
    cpe:2.3:a:apache:thrift:0.7.0
  • Apache » Thrift » Version: 0.8.0
    cpe:2.3:a:apache:thrift:0.8.0
  • Apache » Thrift » Version: 0.9.0
    cpe:2.3:a:apache:thrift:0.9.0
  • Apache » Thrift » Version: 0.9.1
    cpe:2.3:a:apache:thrift:0.9.1
  • Apache » Thrift » Version: 0.9.2
    cpe:2.3:a:apache:thrift:0.9.2
  • Apache » Thrift » Version: 0.9.3
    cpe:2.3:a:apache:thrift:0.9.3
  • Apache » Thrift » Version: 0.9.3.1
    cpe:2.3:a:apache:thrift:0.9.3.1


Products
Pricing
Contact Us

Shodan ® - All rights reserved