Security Bulletin: A vulnerability in gRPC may affect IBM Robotic Process Automation and result in an attacker obtaining sensitive information. (CVE-2023-32731)

Summary: There is a vulnerability in gRPC used by IBM Robotic Process Automation as part of the Natural Language Processing, which may result in an attacker obtaining sensitive information (CVE-2023 ...

Amazon Linux 2 : ecs-service-connect-agent (ALASECS-2023-007)

The version of ecs-service-connect-agent installed on the remote host is prior to v1.27.0.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2023-007 advisory. ...

HTTP/2 Stream Cancellation Attack

google.golang.org/grpc is vulnerable to HTTP/2 Stream Cancellation Attack. The vulnerability exists because the library does not enforce the limit of concurrently running handlers set by MaxConcurrent ...

swift-nio-http2 vulnerable to HTTP/2 Stream Cancellation Attack

swift-nio-http2 is vulnerable to a denial-of-service vulnerability in which a malicious client can create and then reset a large number of HTTP/2 streams in a short period of time. This causes swift-n ...

Code injection

Lack of error handling in the TCP server in Google's gRPC starting with version 1.23 on POSIX-compatible platforms (e.g., Linux) allows an attacker to cause a denial of service by initiating a significant nu ...

Denial Of Service (DoS)

Libraries that implement HTTP/2 are vulnerable to Denial Of Service (DoS). The vulnerability could be exploited by attackers via sending a large number of HTTP/2 requests to a vulnerable server, then ...

Oracle Linux 7 : istio (ELSA-2023-12781)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12781 advisory. - Envoy is an open source edge and service proxy de ...
