CVE-2022-1941 affecting package grpc 1.42.0-7. This CVE either no longer is or was never...Read More ...
Continue Reading
December 14, 2023
## Summary IBM Maximo Application Suite uses gRPC package which is vulnerable to CVE-2023-32731. ## Vulnerability Details ** CVEID: **[CVE-2023-32731]() ** DESCRIPTION: **gRPC could allow a remote att ...
Continue Reading
August 29, 2023
There exists an vulnerability causing an abort() to be called in gRPC. The following headers cause gRPC's C++ implementation to abort() when called via http2: te: x (x != trailers) :scheme: x (x ! ...
Continue Reading
August 27, 2023
Updates of ['grpc'] packages of Photon OS have been released.Read More ...
Continue Reading
August 27, 2023
## Summary IBM Watson Machine Learning Accelerator 1.2.x is vulnerable to several vulnerabilities coming from dependent compoents. These are addressed. ## Vulnerability Details ** CVEID: **[CVE-2023-2 ...
Continue Reading
August 18, 2023
When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of ...
Continue Reading
August 15, 2023
gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disco ...
Continue Reading
August 15, 2023
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using listener's global scope ...
Continue Reading
August 15, 2023
Back to Main
