gRPC connection termination issue

gRPC contains a vulnerability whereby a client can cause a termination of connection between an HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disco ...

CVSS3 - MEDIUM

CVSS2 - MEDIUM

gRPC Reachable Assertion issue

There exists a vulnerability causing an abort() to be called in gRPC. The following headers cause gRPC's C++ implementation to abort() when called via http2: te: x (x != trailers) :scheme: x (x ! ...

CVSS3 - HIGH

CVSS2 - MEDIUM

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Envoy security bypass (CVE-2023-27488)

Summary: A potential Envoy security bypass vulnerability (CVE-2022-25881) has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional informat ...

CVSS3 - CRITICAL

CVSS2 - HIGH

Stripe: Local applications from user’s computer can listen for webhooks via insecure gRPC server from stripe-cli

The stripe daemon command from the stripe-cli exposes a local gRPC server that does not require authentication and allows any local application to execute remote procedures. One of the procedures is L ...

Improper Authentication

etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd cl ...

CVSS3 - HIGH

CVSS2 - MEDIUM

grpc: Bad-cast to const std::__1::__less *_start

Project: https://github.com/grpc/grpc.git Detailed report: https://oss-fuzz.com/testcase?key=5138174202347520 Project: grpc Fuzzer: libFuzzer_grpc_uri_fuzzer_test Fuzz target binary: uri_fuzzer_test J ...
