Google Grpc
6 CVEs affecting Google Grpc. Latest disclosed: 2024-08-06. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-4785 | High | 7.5 | 2023-09-13 | Lack of error handling in the TCP server in Google's gRPC starting version 1.23 on posix-compatible platforms (ex. Linux) allows an attacker to cause a denial… |
CVE-2023-33953 | High | 7.5 | 2023-08-09 | gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Th… |
CVE-2023-1428 | High | 7.5 | 2023-06-09 | There exists an vulnerability causing an abort() to be called in gRPC. The following headers cause gRPC's C++ implementation to abort() when called via http2… |
CVE-2023-32731 | High | 7.4 | 2023-06-09 | When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be ski… |
CVE-2023-32732 | Medium | 5.3 | 2023-06-09 | gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin… |
CVE-2024-7246 | | 2024-08-06 | It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see faile… |