CVE-2022-4904 affecting package grpc 1.42.0-7. No patch is available...Read More ...
Continue Reading
December 15, 2023
Libraries that implement HTTP/2 are vulnerable to Denial Of Service (DoS). The vulnerability could be exploited by attackers via sending a large number of HTTP/2 requests to a vulnerable server, then ...
Continue Reading
December 15, 2023
google.golang.org/grpc is vulnerable to HTTP/2 Stream Cancellation Attack. The vulnerability exists because the library does not enforce the limit of concurrently running handlers set by MaxConcurrent ...
Continue Reading
December 15, 2023
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-8570e0055b advisory. gRPC contains a vulnerability whereby a client can cause a ...
Continue Reading
December 15, 2023
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net. ...
Continue Reading
December 15, 2023
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-344 advisory. - Wasmtime is a standalone runtime for WebAssembly. Prior to versions 6.0.2, 7.0.1, and 8.0.1, ...
Continue Reading
December 15, 2023
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. **Rec ...
Continue Reading
December 15, 2023
CVE-2022-1941 affecting package grpc 1.42.0-7. This CVE either no longer is or was never...Read More ...
Continue Reading
December 15, 2023
Back to Main
