Denial Of Service (DoS)
Discription
grpc is vulnerable to Denial Of Service (DoS). The vulnerability exists due to improper header validation which allows an attacker to send headers such as `te: x (x != trailers)`, `scheme: x (x != http, https)`, and `grpclb_client_stats: x (x == anything)`, leading to the total header size being over 8kb, resulting in an application crash.Read More
References
Back to Main