gRPC - API Security Blog

CVE-2022-24777

grpc-swift is the Swift language implementation of gRPC, a remote procedure call (RPC) framework. Prior to version 1.7.2, a grpc-swift server is vulnerable to a denial of service attack via a reachabl ...

30 мая, 2022

CVE-2018-17453

GRPC::Unknown logging token disclosureRead More ...

30 мая, 2022

Virtuozzo Hybrid Server 7.5 Update 3 (7.5.3-391)

Virtuozzo Hybrid Server 7.5 Update 3 introduces new features and provides stability and usability bug fixes. It also introduces a new kernel 3.10.0-1160.53.1.vz7.185.3. **Vulnerability id:** PSBM-1332 ...

30 мая, 2022

Improper Authentication in etcd

etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd c ...

30 мая, 2022

Invalid-free in NIOHTTP2.NIOHTTP2Handler.

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44431 ``` Crash type: Invalid-free Crash state: NIOHTTP2.NIOHTTP2Handler. NIOHTTP2.NIOHTTP2Handler.channelRead NIOCore.ChannelHan ...

30 мая, 2022

5 things you must know about Log4Shell

This is the largest vulnerability we have seen in years. 1. **You may still be vulnerable even if your project is not based on Java.** Many tech stacks are vulnerable because so many tools use the L ...

30 мая, 2022

Tarian – Antivirus for Kubernetes

[![](https://blogger.googleusercontent.com/img/a/AVvXsEgPkGHbAoj3VNsTKg0Yfpq3F3RbQHZD1iLK_KScNyEdycLUJMUW98BSbverMoyYJku68OWIZ_qv1uR_spiHZU43wUYpgb7-o59h9AnRRhsbs6hjHueChJ_aHSqldRCu6n3JlhVE_RayQYZLqRz ...

30 мая, 2022

[SECURITY] Fedora 35 Update: golang-github-containerd-ttrpc-1.1.0-1.fc35

GRPC for low-memory environments. The existing grpc-go project requires a lot of memory overhead for importing packages and at runtime. While this is great for many services with low den sity require ...

30 мая, 2022