gRPC - API Security Blog

New UAC-0056 activity: Theres a Go Elephant in the room

_This blog post was authored by Ankur Saini, Roberto Santos and Hossein Jazi._ UAC-0056 also known as SaintBear, UNC2589 and TA471 is a [cyber espionage actor]() that has been active since early 2021 ...

May 30, 2022

CVE-2022-24777

grpc-swift is the Swift language implementation of gRPC, a remote procedure call (RPC) framework. Prior to version 1.7.2, a grpc-swift server is vulnerable to a denial of service attack via a reachabl ...

May 30, 2022

CVE-2018-17453

GRPC::Unknown logging token disclosureRead More ...

May 30, 2022

Virtuozzo Hybrid Server 7.5 Update 3 (7.5.3-391)

Virtuozzo Hybrid Server 7.5 Update 3 introduces new features and provides stability and usability bug fixes. It also introduces a new kernel 3.10.0-1160.53.1.vz7.185.3. **Vulnerability id:** PSBM-1332 ...

May 30, 2022

[SECURITY] Fedora 36 Update: grpcurl-1.8.6-2.fc36

Like cURL, but for gRPC: Command-line tool for interacting with gRPC server s.Read More ...

May 30, 2022

[SECURITY] Fedora 36 Update: golang-github-grpc-ecosystem-gateway-2-2.7.3-3.fc36

GRPC to JSON proxy generator following the gRPC HTTP spec.Read More ...

May 30, 2022

[SECURITY] Fedora 34 Update: grpcurl-1.8.6-2.fc34

Like cURL, but for gRPC: Command-line tool for interacting with gRPC server s.Read More ...

May 30, 2022