**Summary:** Node.js http2 server is vulnerable against denial of service attacks when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. ...
Continue ReadingMay 30, 2022
## Overview "The package `grpc` before 1.24.4 and the package `@grpc/grpc-js` before 1.1.8 are vulnerable to Prototype Pollution via loadPackageDefinition." ## Recommendation Upgrade to version 1.1.8 ...
Continue ReadingMay 30, 2022
"The package grpc before 1.24.4 and the package @grpc/grpc-js before 1.1.8 are vulnerable to Prototype Pollution via loadPackageDefinition."Read More ...
Continue ReadingMay 30, 2022
"The package grpc before 1.24.4 and the package @grpc/grpc-js before 1.1.8 are vulnerable to Prototype Pollution via loadPackageDefinition."Read More ...
Continue ReadingMay 30, 2022
The old mentality of building a moat around important assets and trusting anyone or anything that is already inside the castle perimeter has failed us. Attackers have developed many techniques to jump ...
Continue ReadingMay 30, 2022
A flaw was found in envoyproxy/envoy. An attacker, able to craft a packet which specifies a large grpc-timeout, can potentially cause envoy to incorrectly calculate the timeouts resulting in a denial ...
Continue ReadingMay 30, 2022
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages ...
Continue ReadingMay 30, 2022
# Description `grpc` native core package is vulnerable to `Prototype Pollution`. This package allowing for modification of prototype behavior, which may result in Information Disclosure/DoS/RCE. # Pro ...
Continue ReadingMay 30, 2022
Back to Main