servicemesh-proxy is vulnerable to denial of service. An attacker is able to crash the application by sending a malicious packet that specifies a large grpc-timeout, causing envoy to incorrectly calcu ...
Continue Reading
June 30, 2023
gRPC Swift is the open source Swift language implementation of gRPC, which includes a gRPC Swift API and code generator. The API and generated code are provided for gRPC clients and servers and can be ...
Continue Reading
June 30, 2023
## Security Advisory 0071 _._CSAF PDF #### **Date:** January 11th, 2022 Revision | Date | Changes ---|---|--- 1.0 | January 11th, 2022 | Initial release ### Security Advisory 0071 The CVE-ID tracki ...
Continue Reading
June 30, 2023
Learn about the security capabilities of GraphQL and gRPC, how they perform authentication/authorization, and how they compare to REST. In addition, discover common attack vectors for both API framewo ...
Continue Reading
June 20, 2023
### Impact Affected gRPC Swift servers are vulnerable to uncontrolled recursion and stack consumption when parsing certain payloads. This may lead to a denial of service. ### Patches The problem has b ...
Continue Reading
June 19, 2023
### Impact Affected gRPC Swift clients and servers are vulnerable to uncontrolled resource consumption attacks. Excessive memory may be allocated when parsing messages. This can lead to a denial of se ...
Continue Reading
June 19, 2023
### Impact Affected gRPC Swift servers are vulnerable to precondition failures when parsing certain gRPC Web requests. This may lead to a denial of service. ### Patches The problem has been fixed in 1 ...
Continue Reading
June 19, 2023
A grpc-swift server is vulnerable to a denial of service attack via a reachable assertion. This was due to incorrect logic when handling `GOAWAY` frames. The attack is low-effort: it takes very little ...
Continue Reading
June 19, 2023
Back to Main
