grpc is vulnerable to Denial Of Service. The vulnerability is due to improper error handling in TCP server which allows an attacker to initiate number of concurrent connections with the server leading ...
Continue Reading15 декабря, 2023
## Summary There is a vulnerability in gRPC used by IBM Robotic Process Automation as part of the Natural Language Processing, which may result in an attacker obtaining sensitive information (CVE-2023 ...
Continue Reading15 декабря, 2023
The version of ecs-service-connect-agent installed on the remote host is prior to v1.27.0.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2023-007 advisory. ...
Continue Reading15 декабря, 2023
google.golang.org/grpc is vulnerable to HTTP/2 Stream Cancellation Attack. The vulnerability exists because the library does not enforce the limit of concurrently running handlers set by MaxConcurrent ...
Continue Reading15 декабря, 2023
swift-nio-http2 is vulnerable to a denial-of-service vulnerability in which a malicious client can create and then reset a large number of HTTP/2 streams in a short period of time. This causes swift-n ...
Continue Reading15 декабря, 2023
Lack of error handling in the TCP server in Google's gRPC starting version 1.23 on posix-compatible platforms (ex. Linux) allows an attacker to cause a denial of service by initiating a significant nu ...
Continue Reading15 декабря, 2023
Libraries that implement HTTP/2 are vulnerable to Denial Of Service (DoS). The vulnerability could be exploited by attackers via sending a large number of HTTP/2 requests to a vulnerable server, then ...
Continue Reading15 декабря, 2023
The version of ecs-service-connect-agent installed on the remote host is prior to v1.27.0.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2023-007 advisory. ...
Continue Reading15 декабря, 2023
Back to Main