Fedora 38 : grpc (2023-15b3e80753)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-15b3e80753 advisory. - gRPC contains a vulnerability whereby a client ...

Fedora 37 : grpc (2023-6cad6e5003)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-6cad6e5003 advisory. - gRPC contains a vulnerability whereby a client ...

Connection Termination

grpc is vulnerable to Connection Termination. An attacker can terminate the connection between an HTTP2 proxy and the gRPC server by providing `-bin` suffixed headers, which leads to a base64 encodin ...


CVSS3 - MEDIUM

CVSS2 - MEDIUM

Amazon Linux 2 : ecs-service-connect-agent (ALASECS-2023-003)

The version of ecs-service-connect-agent installed on the remote host is prior to v1.25.4.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2023-003 advisory. ...

Denial Of Service (DoS)

grpc is vulnerable to Denial Of Service (DoS). The vulnerability exists due to improper header validation which allows an attacker to send headers such as `te: x (x != trailers)`, `scheme: x (x != htt ...


CVSS3 - HIGH

CVSS2 - MEDIUM

gRPC connection termination issue

gRPC contains a vulnerability whereby a client can cause a termination of connection between an HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disco ...

gRPC Reachable Assertion issue

There exists a vulnerability causing an abort() to be called in gRPC. The following headers cause gRPC's C++ implementation to abort() when called via http2: te: x (x != trailers) :scheme: x (x != ht ...

Connection confusion in gRPC

When the gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of ...
